2.0-bet2 (15-05-2026)

New features

None

Clarifications

• Fix references to RmiFeatureRegisterN
• RMI_RTT_INIT_RIPAS: skip entries which are already RIPAS_RAM (FENIMORE-1467)
• RmiOpMemState: clarify meaning in each of donation and reclamation flows (FENIMORE-1504)
• Remove RmiSignatureAlgorithm type (FENIMORE-1493)
• Fix inconsistent field names in RmiDevCommExitFlags
• Fix PDEV RID range
• Remove dangling references to INIT_RIPAS contribution to RIM (FENIMORE-1437)
• Add rules regarding scrubbing of PMU counters on REC exit (FENIMORE-1516)
• Add missing PDEV_READY -> PDEV_STOPPED in PDEV transitions table
• Clarify alignment requirements for donated memory (FENIMORE-1507)
• RMI_OP_MEM_DONATE: clarify behavior, including failure modes (FENIMORE-1501)
• RMI_OP_MEM_DONATE: clarify behavior related to block size (FENIMORE-1520)
• RMI_OP_CONTINUE: ignore RmiContinueBeyond value if operation is not range-based (FENIMORE-1519)
• Fix inconsistencies in SRO specification
• RMI_RTT_*_UNMAP: clarify that RMI_ADDR_TYPE_NONE can be used if caller does not require unmapped PAs (FENIMORE-1527)
• Range-based unmap returns when the end of a contiguous mapping is reached, if flags.oaddr_type = RMI_ADDR_TYPE_SINGLE (FENIMORE-1527)

Defects

• RMI_GRANULE_TRACKING_GET: return properties of an RMI Granule-aligned range (FENIMORE-1494)
• RMI_PSMMU_ST_L2_CREATE: return distinct error when table already exists (FENIMORE-1506)
• RMI_PSMMU_ST_L2_DESTROY: return distinct error when table is live (FENIMORE-1506)
• Remove requirement for Host to map from MPIDR to REC (FENIMORE-1473)
  • PSCI_AFFINITY_INFO: remove REC exit
  • PSCI_CPU_ON: remove target_rec input value from subsequent RMI_PSCI_COMPLETE call
• System register emulation: specify ESR_EL2 sanitization, and transfer registers (FENIMORE-1505)
• Attestation: add PAT claims for TBB boot security, TPM data binding (FENIMORE-1495, FENIMORE-1496)
• RMI_OP_MEM_DONATE: require a single list entry when donating a contiguous region (FENIMORE-1431)
• Move block size, contig and state out of RmiAddrRangeDesc (FENIMORE-1480)
• RMI_RTT_UNPROT_UNMAP: amend failure conditions to fit “skip if already unmapped” (FENIMORE-1527)
• RSI_VDEV_DMA_{DISABLE,ENABLE}: allow to return RSI_INCOMPLETE (FENIMORE-1429)
• RMI_DPT_L0_DESTROY: add liveness check (FENIMORE-1471)
• RMI_DPT_L1_DESTROY: add homogeneity check (FENIMORE-1472)
• RMI_RTT_DATA_MAP: return RMI_ERROR_GLOBAL for missing DPT (FENIMORE-1460)
• DPT entries must take account of RIPAS and S2AP for ATS Plane (FENIMORE-1515)
• Allow state of donated memory to depend on whether is is self-describing (FENIMORE-1468)
• During VDEV Lock, reset measurement and report sequence (FENIMORE-1384)
• Remove RMI_VDEV_COMPLETE (FENIMORE-1524)
• RMI_RTT_DEV_VALIDATE: remove requirement for Host to provide VDEV, PDEV addresses (FENIMORE-1475)
• RMI_PDEV_CREATE: split pdev_id to pdev_id and host bridge base address (FENIMORE-1381)
• Remove max_vdevs_order and use rid_base, rid_top instead (FENIMORE-1489)

Relaxations

• RMI_GRANULE_RANGE_{UN}DELEGATE: skip Granules already in target state (FENIMORE-1430)
• RMI_RTT_*_{UN}MAP: skip RTT entries whose state, attributes and output address already matches target values (FENIMORE-1430)
• Remove requirement for RECs to be created with monotonically increasing MPIDR (FENIMORE-1473)

2.0-bet1 (30-03-2026)

New features

None

Clarifications

• Correct wording of rule regarding traversal of switches
• Rename RmiPsmmuIrqSet::cmdq to cmdq_sync (FENIMORE-1412)
• VDEV teardown flow: describe failure of refresh / purge operation
• Range-based memory (un)mapping operation targets exclusively Protected or Unprotected IPA space (FENIMORE-1413)
• MEC does not protect memory mapped into Unprotected IPA space (FENIMORE-1416)
• On REC exit due to Emulatable Data Abort, set rec_exit.ISS.SRT to zero (FENIMORE-1356)
• On REC exit due to WFI or WFE, set rec_exit.ISS.RN to zero (FENIMORE-1387)
• Remove reference to SMMU_R_GBPA.ABORT (FENIMORE-1417)
• Move definition of “RMI Address List” into “RMI address range” section (FENIMORE-1449)
• RMI_RTT_{DATA,DEV,UNPROT}_UNMAP: fix description of oaddr input value (FENIMORE-1449)
• Add clarifications related to SROs (FENIMORE-1454)
• RMI_RTT_DATA_MAP: remove redundant statement about wiping (FENIMORE-1414)
• Point out that L1DPT, L1GPT can be allocated with NUMA awareness (FENIMORE-1398)
• RMI_RTT_UNPROT_MAP: correct reference to Unprotected IPA space (FENIMORE-1415)
• Remove unreachable {HIPAS_NARCH_DEV, RIPAS_RAM} from transition diagram (FENIMORE-1455)
• Change to RIPAS of Protected IPA does not modify RIM
• PMU overflow flow: correctly show when overflow interrupt is disabled / enabled
• Remove references to TRACKING_READY, TRACKING_NOT_READY
• Add GRAN_INTERNAL to table of Granule state transitions
• SRO handle: improve consistency of terminology (“invalid” versus “release”)
• RMI_RTT_DEV_VALIDATE: clarify that memory attributes are controlled by the Realm (FENIMORE-1461)
• Remove RMM_STATE_INTERMEDIATE
• RMI_GRANULE_RANGE_{UN}DELEGATE: out_top is valid only when result is RMI_SUCCESS
• Add PSMMU interrupt handling flows (FENIMORE-1470)
• Rename RMI_VSMMU_EVENT_NOTIFY to RMI_VSMMU_EVENT_HANDLE (FENIMORE-1478)
• Document the ignored fields in RmiPdevParams for an RP device (FENIMORE-1465)
• Remove incorrect definition of pdev_id (FENIMORE-1492)
• Specify addr_range in stream connect are CPU system addresses (FENIMORE-1424)
• out_top is valid only when result is RMI_SUCCESS

Defects

• Fix success condition from PDEV_NEW -> PDEV_READY for non-SPDM devices
• Rename negotiation data to protocol data and add a protocol_data_set flag in RsiVdevInfo
• Remove unused RMI_VSMMU_EVENT_COMPLETE (FENIMORE-1421)
• Add RmiRttUnmapFlags::list_count (FENIMORE-1449)
• RMI_GRANULE_RANGE_{UN}DELEGATE: return RMI_ERROR_TRACKING (FENIMORE-1427)
• Remove unused RmiPsmmuIrqResult::empty (FENIMORE-1420)
• Correct implementation of DptEntryCanDescribe() (FENIMORE-1399)
• Add RMI_RMM_STATE_GET (FENIMORE-1388)
• RMI_OP_MEM_{DONATE,RECLAIM}: remove provision for implementation defined error output values
• RMI_PSMMU_ACTIVATE: return RMI_ERROR_DPT if L0DPT is not created (FENIMORE-1423)
• RMI_VDEV_DESTROY should not be allowed in ERROR state (FENIMORE-1464)
• Reduce the number of addrs returned in PSMMU_IRQ_NOTIFY (FENIMORE-1418)
• Add fatal error return in RMI_PSMMU_IRQ_NOTIFY and change actions to enumeration (FENIMORE-1469)
• Move PDEV stream liveness check from RMI_PDEV_DESTROY to RMI_PDEV_STOP (FENIMORE-1458)
• Allow wired intrs in psmmu activate (FENIMORE-1419)
• RMI_PSMMU_ST_L2_DESTROY: add check on PSMMU state (FENIMORE-1487)
• Specify rid_base, rid_top format is BDF for PCIe devices (FENIMORE-1491)

Relaxations

None

2.0-bet0 (30-01-2026)

New features

• attestation: add Realm Instance ID claim (FENIMORE-1119)

Clarifications

• Consistently use “wipe” instead of “zero-fill” (FENIMORE-919)
• Note that GPF on access to Unprotected IPA is taken to Realm (FENIMORE-920)
• Clarify “RIPAS / HIPAS mismatch” cells in “Summary of Realm IPA space properties” table (FENIMORE-949)
• Clarify that RIPAS / HIPAS are stored in leaf RTT entries (FENIMORE-950)
• Rename “MEC update” to “MEC refresh” (FENIMORE-1211)
• DA: remove misleading arrow regarding verification that device holds private key (FENIMORE-1249)
• P2P: clarify that both coherent and non-coherent device memory is included (FENIMORE-1305)
• RmiRecExitReason: rename RMI_EXIT_VDEV_MAP -> RMI_EXIT_VDEV_VALIDATE_MAPPING (FENIMORE-1336)
• RMI_CMEM_START may cause MEC_COUNT to change (FENIMORE-1376)
• Remove statement that Host must save / restore GIC virtualization system control registers
• TDISP_EN=1 must be set at a given RP when the first PDEV is created (FENIMORE-1358)
• PDEV: abstract device attribute names to be non-PCIe-specific (FENIMORE-1381)
• Add rationale regarding key refresh / purge on VDEV unlock
• RMI_OP_MEM_DONATE: contents of RMI Address List are not modified
• Clarify when the Host should cache the request in the device request buffer
• RIPAS change: include transition to RIPAS_DEV
• For details of extending PAT with CMEM devices, refer to FIRME
• For details of communication with the device via the platform, refer to FIRME
• Clarify Host cached measurements is SPDM measurements transcript excluding VCA
• Clarify value creation of CCA platform software component measurement value in the presence of LFA (FENIMORE-1390)
• Clarify that STE.EATS is set only if PSMMU ats flag is set
• Remove success conditions for RMI_INCOMPLETE (FENIMORE-1400)

Defects

• RMI_PDEV_CREATE: fix initialization of RmmPdev::prot (FENIMORE-1366)
• Tidy up RMI feature registers (FENIMORE-1209)
• RMI_VDEV_COMPLETE: make setting of DEV_COMM_PENDING conditional on intitiating command (FENIMORE-1326)
• RMI_RTT_INIT_RIPAS: don’t extend RIM (FENIMORE-1363)
• RmiAddrRangeDesc: fix position and width of res0 field (FENIMORE-1378)
• attestation: update profile versions to 2.0.0 (FENIMORE-1377)
• RSI_VDEV_GET_INFO: support report formats other than TDISP (FENIMORE-1329)
• Remove RMI_PDEV_SET_PROT; RMI_VDEV_CREATE fails if PSMMU walk fails (FENIMORE-1375)
• Provide cleaner abstraction between SPDM and non-SPDM devices (FENIMORE-1351)
• Remove measurement indices and always request all device measurements (FENIMORE-1367)
• RMI_PDEV_STREAM_{COMPLETE,KEY_REFRESH,KEY_PURGE}: fix state transitions
• RMI_VDEV_GET_MEASUREMENTS: remove requirement for VDEV to be locked (FENIMORE-1382)
• RMI_REALM_CREATE: bounds check ats_plane parameter (FENIMORE-1385)
• RMI_RTT_INIT_RIPAS: apply change to entries with HIPAS_VOID or HIPAS_DATA (FENIMORE-1350)
• REC exit on access to ICC_*_EL1 is conditional on Host-managed traps (FENIMORE-1338)
• RSI_PLANE_ENTER: rename and reorganise register values (FENIMORE-1210)
• RMI_OP_*: improve consistency of input / output register assignment
• Specify that base of RMI Address List must be aligned to size of an entry
• Specify that when range operation returns out_top, no state change has occurred above that address (FENIMORE-1372)
• Remove requirement for RMM to zero-fill unused output registers
• Add RMI_VSMMU_FEATURES (FENIMORE-1393)
• Add RMI_VSMMU_CMD_{GET,COMPLETE} (FENIMORE-1394)
• RMI_PDEV_CREATE cannot result in caching RMI_DEV_MEASUREMENTS
• RMI_RMM_CONFIG_GET: fail unless RMM state is RMM_ACTIVE (FENIMORE-1401)
• AddrIsTrackingRegionAligned: check against size provided to RMI_RMM_CONFIG_SET
• Remove RmiFeatureRegister0::PGS
• Move RmiFeatureRegister0::{L0GPTSZ,PPS} to RmiFeatureRegister1
• Remove RmmPdev::trust attribute
• Remove unused RmmPdevCoherent type
• Add IDE usage and coherent / I/O coherent traffic to cca-device claim (FENIMORE-1359)
• RMI_PSMMU_DEACTIVATE: fail if L1ST is live (FENIMORE-1404)

Relaxations

• Permit device memory to be either tracked or untracked at platform boot
• Allow RMI_PDEV_ABORT to transition to PDEV_ERROR state

2.0-alp20 (02-01-2026)

New features

None

Clarifications

None

Defects

• RMI_REALM_CREATE: restore failure condition if Realm is live (FENIMORE-1337)
• VDEV measurements: enable signature if supported; always cache SPDM transcript (FENIMORE-1342)
• Add limit on number of VDEVs per PDEV (FENIMORE-1318, FENIMORE-1319)
• Add PA ranges to VDEV (FENIMORE-1320)
• PDEV: separate establishment of communication from establishment of traffic protection (FENIMORE-1343)
• PDEV: add support for NON_TEE stream, directly-attached only (FENIMORE-1328)
• VDEV unlock: add states requiring refresh and purging of keys on all PDEV streams (FENIMORE-1247)
• RMI_RTT_DEV_UNMAP: remove VDEV pointer (FENIMORE-1303)
• Establish binding between Realm attestation token and device attestation evidence (FENIMORE-1023)
• Correct what the Host caches during device measurement retreival (FENIMORE-1352)
• Introduce commands for donating / reclaiming memory used by a stateful RMI operation (FENIMORE-1013)
• Replace “auxiliary Granules” with use of generic donate / reclaim memory pattern (FENIMORE-1297)
• Allow implementation to request additional memory for VSMMU object (FENIMORE-1322)
• Use “donate memory” primitive for allocation of PSMMU stream tables and queues (FENIMORE-1339)
• Use “donate memory” primitive for allocation of granule tracking metadata (FENIMORE-1340)
• Use “donate memory” primitive for allocation of L1GPT (FENIMORE-1340)
• Use “donate memory” primitive for allocation of L0DPT and L1DPT (FENIMORE-1340)
• Permit Host-Side Encryption for CXL type-3 devices (FENIMORE-1278)
• RMI_PDEV_CREATE: defer check for RID range overlap to RMI_PDEV_SET_PROT (FENIMORE-1200)
• Rename HIPAS values (FENIMORE-1134)
  • UNASSIGNED -> VOID
  • ASSIGNED -> DATA
  • ASSIGNED_DEV -> NARCH_DEV
  • ASSIGNED_ARCH_DEV -> ARCH_DEV
  • UNASSIGNED_NS -> UNMAPPED_NS
  • ASSIGNED_NS -> MAPPED_NS

Relaxations

None

2.0-alp19 (28-11-2025)

In response to feedback received by Arm on previous 1.1-alp drafts, this release includes some breaking changes to the Realm Management Interface. Consequently, the RMI version is increased from 1.1 to 2.0.

No breaking changes are made to the Realm Services Interface. Consequently, the RSI version remains at 1.1.

This is the first release of the RMM specification in which the RMI and RSI versions do not match. The overall document version number follows the larger of the RMI and RSI versions. Consequently, the document version is increased to 2.0.

Because the 1.1 specification did not reach BET maturity, this draft is effectively a continuation of the previous ALP development sequence. Consequently, this name of this release follow on from the most recent draft (1.1-alp18), and the overall document name is therefore 2.0-alp19.

New features

• Add RMI_GPT_L1_{CREATE,DESTROY} (FENIMORE-1256)
• Replace single-entry memory management commands with range-based equivalents (FENIMORE-1254, FENIMORE-1300)

RMI_ARCH_DEV_MAP              -> RMI_RTT_ARCH_DEV_MAP
RMI_ARCH_DEV_UNMAP            -> RMI_RTT_ARCH_DEV_UNMAP
RMI_RTT_AUX_MAP_PROTECTED     -> RMI_RTT_AUX_PROT_MAP
RMI_RTT_AUX_UNMAP_PROTECTED   -> RMI_RTT_AUX_PROT_UNMAP
RMI_RTT_AUX_MAP_UNPROTECTED   -> RMI_RTT_AUX_UNPROT_MAP
RMI_RTT_AUX_UNMAP_UNPROTECTED -> RMI_RTT_AUX_UNPROT_UNMAP
RMI_DATA_CREATE_UNKNOWN       -> RMI_RTT_DATA_MAP
RMI_DATA_DESTROY              -> RMI_RTT_DATA_UNMAP
RMI_VDEV_MAP                  -> RMI_RTT_DEV_MAP
RMI_VDEV_UNMAP                -> RMI_RTT_DEV_UNMAP
RMI_RTT_MAP_UNPROTECTED       -> RMI_RTT_UNPROT_MAP
RMI_RTT_UNMAP_UNPROTECTED     -> RMI_RTT_UNPROT_UNMAP

• More consistent naming of RTT commands (FENIMORE-1304)

RMI_DATA_CREATE           -> RMI_RTT_DATA_MAP_INIT
RMI_VDEV_VALIDATE_MAPPING -> RMI_RTT_DEV_VALIDATE

• Add “RMM activate” state transition (FENIMORE-1295)

Clarifications

None

Defects

• Bump RMI version to 2.0
• Remove RMI_GRANULE_{UN}DELEGATE (FENIMORE-1300)
• RMI_REALM_CREATE: remove VMID values (FENIMORE-1298)
• Amend statements which still assume RMI Granule size is 4KB (FENIMORE-1075)
• RMI_{PDEV,VDEV}_COMMUNICATE: state constraints on request / response length and offset (FENIMORE-1307)
• Preserve values of GIC CPU interface system registers on REC entry and exit (FENIMORE-1302)
• Add RMI_REALM_TERMINATE (FENIMORE-1152)
• Remove Host control of MECID values and MEC states (FENIMORE-1299)
• Add RsiPlaneExit::elr_el1 (FENIMORE-1308)
• Update cca-platform-extension claim to include IDE, encryption type, VCA (FENIMORE-1327)

Relaxations

None

1.1-alp18 (31-10-2025)

New features

• Add RD_AUX granules (FENIMORE-1292)
• VSMMU: add support for stage 1 PRI (FENIMORE-1265)
• Range-based Granule (un)delegation (FENIMORE-1253)

Clarifications

• Replace “resource attested by RMM” with “resource verified by RMM”
• Rename “Initial Attestation Key (IAK)” to “CCA Platform Attestation Key (CPAK)”
• Remove “directly-attached” from the list of CMEM (CXL type-3) device properties
• RMI_GRANULE_{UN}DELEGATE execution time is unbounded due to SMMU RGPTM (FENIMORE-1281)
• Document programming models for RMI and RSI commands
• Describe handling of CPAK X.509 endorsement certificate (FENIMORE-1261)
• Clarify that for CMEM devices, always retrieve signed measurements if supported (FENIMORE-1206)

Defects

• Make “Plane exit due to synchronous exeception” conditional on Plane entry flags
• Initial value of RIM is zero (FENIMORE-1289)
• RSI_VDEV_GET_INFO: return VSMMU address and vSID (FENIMORE-1290)
• RSI_VDEV_DMA_ENABLE: require VDEV state to be VDEV_STARTED (FENIMORE-1291)
• PMU: allow processor Cycle Count to increment during Realm execution (FENIMORE-1287)
• PDEV, VDEV: use similar state machines to reflect communication state (FENIMORE-1283)
• Generalise flow for activating an architectural device such as VSMMU (FENIMORE-1275)
• Remove TRACKING_NONE

Relaxations

None

1.1-alp17 (03-10-2025)

New features

• Add RsiPlaneEnterFlags::trap_dbg (FENIMORE-1268)

Clarifications

• Clarify that Pn has same number of PMU counters, breakpoints, watchpoints as P0 (FENIMORE-1169)
• Add recommendation for calculation of TDISP MMIO Reporting Offset (FENIMORE-1272)

Defects

• Remove RMI_GRANULE_SIZE constant (FENIMORE-1240)
• Remove RmmRtt::entries member (FENIMORE-1240)
• RMI_VDEV_{MAP,UNMAP}: fix shift direction in num_map success conditions (FENIMORE-1241)
• RMI_GRANULE_SIZE_SET: fail if any tracking region has been made tracked (FENIMORE-1243)
• Allow Host to configure tracking region size (FENIMORE-1257)
• State concurrency rules relating to creation / destruction of PSMMU objects (FENIMORE-1167)
• Remove RmiRecExit::rtt_level (FENIMORE-1262)
• Add RmiVdevMeasureFlags::cache_type (FENIMORE-1204)
• Permit granule tracking metadata to be stored in CMEM (FENIMORE-1250)
• Permit DRAM to be untracked at platform boot (FENIMORE-1255)
• Change CWT label for cca-platform-extension-label to be in PSA range (FENIMORE-1277)
• Require platform attestation token to be refreshed following CMEM_START (FENIMORE-1251)
• PSMMU: abstract memory allocation to ST_L1 and queues (FENIMORE-1199)

Relaxations

None

1.1-alp16 (04-08-2025)

New features

• Add support for SHA-384 (FENIMORE-1180)
• Add cca-platform-client-id attestation claim (FENIMORE-1166)
• Configurable RMI Granule size (FENIMORE-1075) and runtime allocation of granule metadata (FENIMORE-984)
  • Introduce the concept of a “memory layout view”, which represents the RMM’s static understanding of PA region reserved for DRAM and device memory.
  • Introduce the concept of a “memory population view”, which represents the RMM’s dynamic understanding of which PA regions are backed by attested resources.
  • Define “populated memory” to be physical addresses which are backed by attested resources.
  • Introduce the concept of a “memory tracking view”, which represents the RMM’s dynamic understanding of which PA regions are associated with metadata for recording state information, and the granularity of that tracking.
  • Define “tracked memory” to be physical addresses which have associated tracking metadata.
  • Redefine “delegable memory” as being the combination of “populated” and “tracked”.
  • Add the capability to modify the RMI Granule size.
    • Add command RMI_GRANULE_SET_SIZE.
    • This is permitted only while no memory is delegated.
  • Add the capability to allocate Granule tracking metadata at runtime, and therefore transition memory from tracked to untracked:
    • Add command RMI_GRANULE_TRACKING_GET
    • Add command RMI_GRANULE_TRACKING_SET
    • Add command RMI_GRANULE_TRACKING_SIZE
• Add support for coherent memory (CMEM) devices (FENIMORE-986)
  • The only supported type of CMEM device is CXL type-3
  • Add RMI commands used to add CMEM devices to the platform
  • Permit RMM objects and DATA to be allocated from either DRAM or CMEM
  • Modify MEC flows to account for need to propagate key updates to CMEM devices
  • Add “CCA platform extension” claim for reporting attestation information relating to CMEM devices

Clarifications

• Clarify that MAX_MECID is zero if FEAT_MEC is not enabled (FENIMORE-1177)
• For details of IDE key programming, refer to FIRME (FENIMORE-1142)
• Improve description of cca-platform-config attestation claim (FENIMORE-1160)
• Clarify that RmiVdevMeasureParams::nonce is only used for signed measurements (FENIMORE-1021)
• Clarify definition of public key associated with Secure SPDM session (FENIMORE-1175)
• Clarify that Realm measurement is an incremental hash (FENIMORE-1190)
• VDEV graceful teardown flow: set IPA regions to EMPTY (FENIMORE-1158)
• Clarify that transition to Secure SPDM includes verification of device signature (FENIMORE-1176)
• Correct list of Granule states which have an associated owner
• Clarify meaning of “RMI_{PDEV,VDEV}_COMMUNICATE returns COMPLETE” (FENIMORE-1197)
• Clarify meaning of the PSMMU physical address (FENIMORE-1201)

Defects

• Clarify handling of Pn system registers on Plane entry / exit (FENIMORE-1168)
• Enable P0 to inject exception into Pn (FENIMORE-1170)
• Specify that direct interrupt injection is permitted only to the GIC owner Plane (FENIMORE-1171)
• Add RsiPlaneExit::pmu_overflow_status (FENIMORE-1172)
• cca-platform-manufacturing-config attestation claim used incorrect codepoint (FENIMORE-1181)
• cca-realm-mec-policy: use numeric encoding (FENIMORE-1182)
• Remove Realm parameters from RIM (FENIMORE-905)
• RMI_VDEV: consistently pass RD and PDEV to communication commands (FENIMORE-1193)
• RMI_VDEV_GET_MEASUREMENTS: add failure condition for signed measurements not supported (FENIMORE-1021)
• RSI_VDEV_DMA_ENABLE: add non_ats_plane input value (FENIMORE-1178)
• RMI_VDEV_P2P_UNBIND: remove REC argument (FENIMORE-1146)
• RSI_VDEV_GET_INFO: remove p2p_peer (FENIMORE-1148)
• RMI_VDEV_P2P_{BIND,UNBIND}: add failure conditions on VDEV states (FENIMORE-1148)
• Add RSI_VDEV_DMA_DISABLE (FENIMORE-1158)
• Avoid TOCTOU by stating that device configuration is locked at PDEV_READY (FENIMORE-1174)
• RMI_VDEV_GET_MEASUREMENTS: remove RmiVdevMeasureFlags::all (FENIMORE-1183)
• RMI_REC_ENTER: correct check on rec.pending (FENIMORE-1188)
• RMI_{PDEV,VDEV}_COMMUNICATE: allow to return RMI_BUSY for implementation defined reason (FENIMORE-1191)
• Reinstate Realm verification of device public key digest (FENIMORE-750)

Relaxations

None

1.1-alp15 (11-06-2025)

New features

• Runtime allocation of PSMMU stream tables and queues, and DPT (FENIMORE-987)
• Add new cca-realm-lfa-policy attestation claim (FENIMORE-905)

Clarifications

• Clarify references to MSI by prefixing with physical or virtual (FENIMORE-1138)

Defects

• Make {HIPAS=ASSIGNED_DEV, RIPAS=RAM} unreachable (FENIMORE-1092)
• Replace “independently- / platform-attested” with device properties (FENIMORE-1120)
• Introduce separate feature flags for DA_COH, P2P, VSMMU and ATS (FENIMORE-1049)
• RMI_PDEV_IDE_RESET: require number of VDEVs to be zero (FENIMORE-1050)
• RMI_PDEV_CREATE: restrict IDE SID to [0, 31] (FENIMORE-1044)
• Initial state of MECID zero is SHARED (FENIMORE-1155)
• RSI_VSMMU_ACTIVATE: fix RTTE state check to consider IPA range (FENIMORE-1136)
• RSI_VSMMU_ACTIVATE: prevent reactivation of an active VSMMU (FENIMORE-1135)
• Specify that execute permission for Pn is dropped on transition to RIPAS=DEV (FENIMORE-1157)
• Fix specification of wait / timeout during device communication (FENIMORE-1093)

Relaxations

None

1.1-alp14 (02-05-2025)

New features

• Add cca-platform-manufacturing-config claim to the CCA Platform attestation token (FENIMORE-1037)

Clarifications

• Clarify which Realm sysreg accesses result in a REC exit (FENIMORE-1066)
• RSI_PLANE_SYSREG_{READ,WRITE}: clean up helper functions
• Update IDE key programming flow (FENIMORE-1052)
• RSI_MEASUREMENT_READ: add success conditions (FENIMORE-944)
• PSCI_VERSION: add success condition (FENIMORE-947)
• RSI_IPA_STATE_SET: add success condition (FENIMORE-970)
• RSI_IPA_STATE_GET: add success condition (FENIMORE-957)
• RSI_ATTESTATION_TOKEN_INIT: add success condition (FENIMORE-958)
• RSI_ATTESTATION_TOKEN_CONTINUE: add success condition (FENIMORE-959)
• RIPAS change flow: remove invalid reference to rec.exit_reason (FENIMORE-968)
• Remove inconsistency regarding rec_exit.gprs following emulatable write (FENIMORE-1020)
• Clarify statement regarding successful RMI_REC_ENTER with no forward progress (FENIMORE-1026)
• Add missing diagram arcs for RMI_RTT_INIT_RIPAS (FENIMORE-1048)
• RSI_MEM_SET_PERM_INDEX: add success condition for new_cookie (FENIMORE-1058)
• RSI_VSMMU_ACTIVATE: add success condition (FENIMORE-1059)
• Consistently describe calculation of REC index (FENIMORE-1094)
• PSCI_CPU_ON: add PC to footprint (FENIMORE-1103)
• PSCI_SYSTEM_OFF: add Realm state to footprint (FENIMORE-1104)
• RMI_MEC_SET_PRIVATE: add MEC state to footprint (FENIMORE-1105)
• RMI_VDEV_VALIDATE_MAPPING: add rec.dev_mem_pa to footprint (FENIMORE-1109)
• RSI_MEM_SET_PERM_INDEX: add lock bit to footprint (FENIMORE-1110)
• RSI_MEM_SET_PERM_INDEX: add perm value to footprint (FENIMORE-1111)
• RMI_RTT_SET_S2AP: add rec.s2ap_addr to footprint (FENIMORE-1113)
• RMI_MEC_SET_SHARED: add MEC state to footprint (FENIMORE-1114)
• PSCI_SYSTEM_RESET: add Realm state to footprint (FENIMORE-1116)

Defects

• RealmParamsSupported: check rtt_s2ap_encoding regardless of num_aux_planes (FENIMORE-1053)
• RealmParamsSupported: fix handling of rtt_tree_per_plane and rtt_s2ap_encoding (FENIMORE-1106)
• RMI_PDEV_IDE_RESET: clarify that NCOH IDE connection is targetted (FENIMORE-1061)
• Rename RMI_PDEV_NOTIFY -> RMI_PDEV_STREAM_KEY_REFRESH (FENIMORE-1064)
• RMI_RTT_AUX_MAP_{PROTECTED,UNPROTECTED}: remove fail_index output value (FENIMORE-1101)
• RMI_RTT_AUX_MAP_UNPROTECTED: remove rtt_attr_prot success condition (FENIMORE-1102)
• Share a single RTT among Planes for Unprotected IPA space (FENIMORE-998)
• RMI_RTT_AUX_{MAP,UNMAP}_PROTECTED: remove level(_pri) output value (FENIMORE-1100)
• Alter top level of Attestation token to conform to changes in IETF RATS Conceptual Messages Wrapper (FENIMORE-1065)
• P2P changes (FENIMORE-1036)
  • P2P stream connects exactly two PDEVs

Relaxations

• Relax definition of command observable effects to include memory contents [R_WZYBV] (FENIMORE-1112)

1.1-alp13 (18-03-2025)

New features

None

Clarifications

• More clearly state PDEV and VDEV invariants
• Clarify VDEV request flow
• Truncate “IDE setup” flow to remove VDEV interactions
• RMI_DEV_MEM_{MAP,UNMAP} and RMI_RTT_{MAP,UNMAP}_UNPROTECTED: amend language and conditions to accommodate block mappings (FENIMORE-1030)
• {Rmi,Rmm}PdevCoherent: rename IOCOH,FCOH -> NCOH,COH
• Rename RSI_PLANE_REG_{READ,WRITE} -> RSI_PLANE_SYSREG_{READ,WRITE}
• Remove unreachable combinations from HIPAS / RIPAS table
• Show RSI_VSMMU_ACTIVATE on RIPAS state transition diagram
• Clarify meaning of command success pre- and post-conditions
• Prevent VDEV destruction while validated mappings exist (FENIMORE-1017)
• Rename RMI_DEV_MEM_{MAP,UNMAP} -> RMI_VDEV_{MAP,UNMAP} (FENIMORE-1017)
• Rename RMI_RTT_DEV_MEM_VALIDATE -> RMI_VDEV_VALIDATE_MAPPING (FENIMORE-1017)
• For device access to shared memory, use Unprotected IPA as the DMA address (FENIMORE-985)
• Clarify “Physical device setup flow” sequence diagram (FENIMORE-1014)
• Add flows for device measurement retrieval (FENIMORE-1008)
• Add implementation defined flow for device measurement retrieval (FENIMORE-983)

Defects

• RMI_PDEV_SET_PUBKEY: correct maximum value for key length (FENIMORE-1031)
• RMI_RTT_DEV_MEM_VALIDATE: add pdev, vdev inputs (FENIMORE-1032)
• RSI_PLANE_SYSREG_{READ,WRITE}: add support for D128
• Add RDEV_OP_STOP
• Remove VDEV instance ID
• Change VDEV communication from Realm-initiated to Host-initiated (FENIMORE-990)
  • Replace the following RSI_RDEV commands with RMI_VDEV equivalents
    • GET_MEASUREMENTS
    • GET_INTERFACE_REPORT
    • LOCK
    • START
  • Remove RSI_RDEV_STOP
  • Add RMI_VDEV_P2P_BIND
  • RmmVdev: add lock_nonce, meas_count, report_count attributes
  • RmmVdev: add op attribute, which records outstanding operation
  • RMI_VDEV_COMMUNICATE: add success conditions which update nonce / counters
  • Remove RSI_RDEV_GET_STATE: the state is now reported via RSI_RDEV_GET_INFO
  • Remove RSI_RDEV_CONTINUE
  • Remove REC exit due to VDEV communication
  • Remove concept of RDEV
  • Remove “Interruptible Realm device operations”
  • Remove RDEV lifecycle diagram
  • Rename remaining RSI_RDEV commands to RSI_VDEV
  • Rewrite overall flow descriptions to reflect Host-initiated requests
  • Add RSI_VDEV_DMA_ENABLE
• RSI_VDEV_GET_INFO: relax alignment requirements (FENIMORE-1033)
• Add RsiPlaneEnterFlags::trap_simd (FENIMORE-1015)
• Add RsiPlane{Enter,Exit}::spsr_el2 (FENIMORE-1015)
• RSI_VSMMU_ACTIVATE: fail if HIPAS != ASSIGNED_VSMMU (FENIMORE-1046)
• Realm entry to Pn with RMI_INJECT_SEA causes Plane exit
• RMI_PDEV_AUX_COUNT: add failure condition for unsupported flags (FENIMORE-1012)
• Change codepoint for cca-realm-mec-policy attestation claim to avoid clash (FENIMORE-1047)
• Introduce VSMMU state machine (FENIMORE-1046)

Relaxations

• Allocate new FIDs in SMCCC for CCA (FENIMORE-1034)

1.1-alp12 (29-01-2025)

New features

None

Clarifications

• Replace RttLevelIsBlockOrPage function with explicit values (FENIMORE-982)
• Add flow which explains how VSMMU mappings are created and validated (FENIMORE-980)
• VSMMU: fix defects in HIPAS / RIPAS diagrams (FENIMORE-991)
• VSMMU: fix defects in liveness description (FENIMORE-994)
• RMI_VSMMU_DESTROY: input VSMMU address is a PA (FENIMORE-995)
• Remove contradiction from statements regarding Unprotected IPA mappings in multi-Plane Realms (FENIMORE-997)
• Merge RmmRdev type into RmmVdev (FENIMORE-1003)
• Clarify that RSI_RDEV_CONTINUE causes REC exit due to VDEV communication (FENIMORE-1009)
• RMI_VDEV_COMMUNICATE: add example of wait flag being returned during SPDM communication (FENIMORE-955)

Defects

• RSI_IPA_STATE_SET: if ripas is not RAM then flags.destroyed is ignored (FENIMORE-988)
• Define Plane exit due to IRQ (FENIMORE-996)
• RMI_REC_ENTER: add “force P0” flag (FENIMORE-989)
• RMI_VSMMU_MAP: add level argument (FENIMORE-993)
• Add missing enum value RmiPdevState::RMI_PDEV_IDE_RESETTING (FENIMORE-999)
• RMI_VSMMU_UNMAP: add PA argument (FENIMORE-1004)
• RMI_RTT_AUX_MAP_PROTECTED: permit mapping of ASSIGNED_VSMMU (FENIMORE-1005)
• RSI_RDEV: return RSI_ERROR_DEVICE in case of incorrect RDEV state (FENIMORE-1010)
• Remove RDEV_STOPPED state (FENIMORE-1011)
• RMI_DEV_MEM_MAP: take account of level when checking address alignment (FENIMORE-1016)
• RMI_DEV_MEM_{MAP,UNMAP}: modify state of contiguous set of Granules (FENIMORE-1016)

Relaxations

• Relax rules regarding SEA on access to Protected IPA, to permit restartable / recoverable errors to be presented to the Realm (FENIMORE-1006)
• Increase maximum number of REC AUX Granules to 32 (FENIMORE-1007)

1.1-alp11 (10-12-2024)

New features

• P2P device communication (FENIMORE-954)

Clarifications

• Clarify the operation performed by the RemExtend function (FENIMORE-902)
• Clarify that the RecAuxCount function returns an implementation defined value (FENIMORE-907)
• Rename RsiRdevValidateIoFlags to RsiDevMemFlags (FENIMORE-908)
• RMI_VDEV_COMMUNICATE: explain why PDEV pointer is provided as input value (FENIMORE-910)
• RmmEntryAt function: change signature (FENIMORE-911)
• {RMI,RSI}_VERSION: use “supported” rather than “implemented” (FENIMORE-913)
• Rename RmmEntry::s2ap_{base,overlay} to s2ap_{bidx,oidx} (FENIMORE-912)
• Change type of RmmEntry::s2ap_{bidx,oidx} to UInt4 (FENIMORE-912)
• Change RmmRealmFlags1::rtt_s2ap_indirect to rtt_s2ap_encoding (FENIMORE-912)
• Make consistent statements regarding stage 2 permission fault at Unprotected IPA (FENIMORE-917)
• RMI_DATA_CREATE: add missing arc in diagram from RIPAS=DESTROYED, when Realm state is NEW (FENIMORE-906)
• Clarify return to Realm of VDEV instance ID, in flow diagram (FENIMORE-936)
• Clarify Host behaviour in “Realm shared memory protocol” (FENIMORE-926)
• RSI_RDEV_VALIDATE_MAPPING: make arguments in flows consistent with command definition (FENIMORE-927)
• Clarify attributes stored in REC during device mapping validation flow (FENIMORE-928)
• Clarify description of MEC policy
• Clarify that SPDM and IDE may be optional for devices which are protected “by system construction” (FENIMORE-934)
• RMI_DATA_CREATE: add success condition regarding Granule contents (FENIMORE-935)
• RSI_HOST_CALL: add data.gprs to footprint (FENIMORE-937)
• RSI_HOST_CALL: remove rec.pending from footprint (FENIMORE-937)
• Clarify device communication flows, with and without SPDM (FENIMORE-942)
• Add concept of Granule category (FENIMORE-953)
• Remove PaIsDelegable() checks from NS accesses (FENIMORE-956)
• REC exit due to VDEV communication: constrain rec_exit.exit_reason (FENIMORE-962)
• Add description and references for “(Non-)TEE memory” and “T=1” (FENIMORE-963)
• RmiVsmmuParamsIsValid: clarify criteria for aidr, idr value to be valid (FENIMORE-964)
• Clarify wording regarding the set of GICv3 List Registers which are available (FENIMORE-967)
• RsiFeatureRegisterEncode: add RmmRealm argument (FENIMORE-971)
• Specify value of index for RMI_ERROR_{NOT_SUPPORTED,DEVICE} (FENIMORE-973)
• PDEV lifecycle: remove transition from PDEV_NEW to NULL (FENIMORE-974)
• Provide additional examples of “Granule wiping” implementations (FENIMORE-976)
• RSI_RDEV_*: remove orderings between failures with the same error code (FENIMORE-943)

Defects

• RMI_RTT_SET_S2AP: add success condition which updates rec.s2ap_addr (FENIMORE-817)
• Formalise RttEntriesInRangeRipas function (FENIMORE-911)
• RMI_RTT_SET_RIPAS: formalise da_pre failure condition (FENIMORE-911)
• Model S2AP direct / indirect encoding explicitly (FENIMORE-912)
• RTT folding: memory attributes are only valid if HIPAS is ASSIGNED_{DEV,NS} (FENIMORE-916)
• Specify that an RTT entry is live if its state is VSMMU (FENIMORE-914)
• RMI_RTT_READ_ENTRY: add ASSIGNED_DEV, ASSIGNED_VSMMU (FENIMORE-915)
• Enable Realm to determine whether an device memory IPA range maps to a Limited Order Region (FENIMORE-783)
• Enforce XN=1 for MMIO locations (FENIMORE-819, reverting change made in 1.1-alp10)
• RMI_VSMMU_MAP: remove redundant failure condition on upper IPA bound (FENIMORE-938)
• If MAX_MECID is not zero, default state of all MECs is PRIVATE_UNASSIGNED (FENIMORE-930)
• RsiDevInfo: add attestation_type (FENIMORE-941)
• RMI_VSMMU_MAP: correct granule state pre-condition check (FENIMORE-939)
• RMI_RTT_DESTROY: correct state_unprot post-condition (FENIMORE-940)
• RMI_DEV_MEM_MAP: add success conditions for memory attributes (FENIMORE-924)
• RMI_RTT_READ_ENTRY: add support for VSMMU (FENIMORE-965)
• Remove “REC exit due to RTT request” (FENIMORE-945)
• RmiRecExitReason: re-encode to remove gaps
• VDEV: add VDEV_NEW state (FENIMORE-952)
• RMI_DEV_MEM_UNMAP: add “level” input value (FENIMORE-960)
• RMI_RTT_DEV_MEM_VALIDATE: add checks for memory attributes and output address (FENIMORE-929)
• Support for DA with multiple Planes, including ATS (FENIMORE-932)
• Support for signed device measurements (FENIMORE-918)
• RMI_PDEV_DESTROY: remove redundant failure condition pdev_live (FENIMORE-975)
• RMI_RTT_MAP_UNPROTECTED: check bounds of S2AP base index (FENIMORE-977)
• Replace PDEV protection enum with separate spdm, ide and coh flags (FENIMORE-979)
• For platform-attested devices, permit measurements to use an implementation defined format (FENIMORE-978)

Relaxations

None

1.1-alp10 (31-10-2024)

New features

• Virtual SMMU (FENIMORE-887)
• Update quality of “DA foundation” to BETA

Clarifications

• Rename RdevFromIds to RdevFromInstId (FENIMORE-884)
• Clarify definition of device identifier
• Re-order participants in DA flow diagrams to match those in other flows
• Clarify failure modes of VDEV request flow (FENIMORE-860)
• RmiFeatureRegister0: rename PLANE_RTT to RTT_PLANE (FENIMORE-875)
• RmiRealmFlags1: rename rtt_tree_pp to rtt_tree_per_plane (FENIMORE-875)
• RmiRealmFlags1::rtt_tree_per_plane is ignored if the Realm has no auxiliary Planes (FENIMORE-875)
• Replace “device certificate” with “device certificate chain” (FENIMORE-879)
• MEC: change statements regarding change of encryption context from rule to info (FENIMORE-880)
• RTT functions: pass RmmRealm instead of RD address
• PDEV setup flow: consistently number steps in diagram and text (FENIMORE-882)
• PDEV setup flow: remove SPDM_GET_DIGESTS call (FENIMORE-868)
• RMI_RTT_DESTROY: make “summary of command dependencies” table consistent with command (FENIMORE-892)
• Clarify description of output address of an ASSIGNED_NS RTT entry (FENIMORE-895)
• Permit context variables to depend on output values
  • Required to make the “rtte” context variable well-defined in RMI_RTT_READ_ENTRY (FENIMORE-896)
• RTT creation flow: remove constraint on Realm state (FENIMORE-897)
• RMI_DATA_DESTROY: make “output values” table consistent with success conditions (FENIMORE-899)
• Device certificate chain digest does not include an SPDM header (FENIMORE-867)
• Rename RDEV_NEW to RDEV_UNLOCKED (FENIMORE-891)
• {RMI,RSI_VERSION}: formalise failure and success conditions (FENIMORE-898)

Defects

• RMI_VDEV_DESTROY: decrement pdev.num_vdevs (FENIMORE-885)
• RMI_PDEV_DESTROY: fail if num_vdevs is not zero (FENIMORE-885)
• Add number of VDEVs to criteria for Realm liveness (FENIMORE-885)
• RMI_PDEV_SET_PUBKEY: add metadata (FENIMORE-878)
• RMI_PDEV_ABORT: allow aborted transaction to be restarted (FENIMORE-881)
• Remove support for shared MMIO (FENIMORE-883)
• RSI_RDEV_GET_MEASUREMENTS: simplify ABI by following SPDM GET_MEASUREMENTS (FENIMORE-890)
• RMI_RTT_DESTROY: add post-conditions for Unprotected IPA (FENIMORE-893)
• RMI_RTT_READ_ENTRY: add success condition for walk_level output (FENIMORE-896)
• RSI_REALM_CONFIG: revert accidental change to FID (FENIMORE-900)
• RMI_RTT_INIT_RIPAS: check state of all entries in range (FENIMORE-894)
• Add “S2AP indirect encoding” feature (FENIMORE-875)
• RSI_RDEV_GET_INFO: remove public key digest (FENIMORE-750)
• RSI access to a Protected IPA observes HIPAS and RIPAS values (FENIMORE-760, FENIMORE-862)
• RMI_RTT_AUX_MAP_PROTECTED: require primary RTTE to be valid (FENIMORE-870)
• RMI_DEV_MEM_MAP: add level input value (FENIMORE-886)
• Add RSI_RDEV_GET_INSTANCE_ID (FENIMORE-901)
• Prevent cacheable mappings to MMIO locations (FENIMORE-888)
• Do not enforce XN=1 for MMIO locations (FENIMORE-819)

Relaxations

None

1.1-alp9 (30-09-2024)

New features

None

Clarifications

• Clarify rules regarding execution of RSI_HOST_CALL by Pn
• State the device functionality required by the RMM (FENIMORE-837)
• Clarify transfer of GIC ownership on Plane exit

Defects

• RMI_REC_{CREATE,DESTROY}: add realm.num_recs to footprint (FENIMORE-859)
• RMI_RTT_SET_S2AP: don’t return RMI_ERROR_RTT{_AUX} if S2AP overlay index already matches requested value (FENIMORE-869)
• Remove RmiPdevFlags::spdm (FENIMORE-872)
• Simplify PDEV attributes and creation flags (FENIMORE-871)
• RMI_VDEV_ABORT: transition to VDEV_ERROR state (FENIMORE-856)
• RMI_RTT_AUX_{CREATE/DESTROY/FOLD}: return RMI_ERROR_RTT_AUX, not RMI_ERROR_RTT (FENIMORE-863)
• Update interrupt and timer rules to accommodate Pn being GIC owner (FENIMORE-866)
• Fix defects in HIPAS / RIPAS transition diagrams (FENIMORE-857)
  • The only permitted transition to RIPAS=IO is from HIPAS=ASSIGNED_DEV_*, RIPAS=EMPTY.
• RMI_RTT_AUX_UNMAP_{PROTECTED,UNPROTECTED}: return RMI_ERROR_RTT_AUX, not RMI_ERROR_RTT (FENIMORE-873)

Relaxations

None

1.0-rel0 (10-09-2024)

Clarifications

• RMI_RTT_READ_ENTRY: add ripas_prot success condition
• Clarify rules regarding Realm EL1 timer state
• Correct wording in “Initialize memory of New Realm” flow
• RecAuxCount return value is not greater than 16, and constant for a Realm (FENIMORE-796)
• Clarify purpose of CCA platform hash algorithm ID claim (FENIMORE-811)
• Clarify behaviour of RMI_REC_ENTER if RMI_EMULATED_MMIO flag is set following a REC exit not due to emulatable Data Abort
• RMI_RTT_READ_ENTRY: simplify expression of ripas_unprot pre-condition (FENIMORE-847)

Defects

• Correct typo in “REC entry” section [I_LFYDV]
• Add rule regarding Realm execution of data cache invalidate by set / way (FENIMORE-734)
• Remove SH from the set of Host-controlled Unprotected RTT attributes (FENIMORE-736)
• If LPA2 is enabled, ensure that PA written to RTTE is less than 2^48 (FENIMORE-752)
• RMI_RTT_SET_RIPAS: if base address is not aligned with entry at which RTT walk terminates, only fail if RIPAS of that entry does not match the requested value (FENIMORE-765)
• RMI_DATA_DESTROY: if address is mapped as block, level can be either 1 or 2 (FENIMORE-775)
• RMI_RTT_MAP_UNPROTECTED: remove reference to non-existent output value “nl” (FENIMORE-776)
• Make number of GICv3 List Register values discoverable (FENIMORE-779)
• RMI_REC_ENTER: if RMI_INJECT_SEA is set then RMI_EMULATED_MMIO is ignored (FENIMORE-782)
• Impose implementation defined limit on maximum number of RECs per Realm (FENIMORE-800)
• Allow Realm to query RIPAS of an IPA range (FENIMORE-802)
• Introduce RIPAS DEV value (FENIMORE-802)
• Add RPV to RsiRealmConfig (FENIMORE-810)
• Expand RmiFeatureRegister0::{NUM_BPS, NUM_WPS} to support up to 64 counters (FENIMORE-759)
• Attestation token: change profile value to be a versioned tag (FENIMORE-809)
• RSI_ATTESTATION_TOKEN_CONTINUE: add RSI_ERROR_UNKNOWN failure condition (FENIMORE-832)
• RmiFeatureRegister0::GICV3_NUM_LRS: report number of available LRs, minus one (FENIMORE-845)
• Simplify definition of NUM_BPS, NUM_WPS fields (FENIMORE-846)
• RMI_RTT_READ_ENTRY: ripas_unprot failure condition: change && to || (FENIMORE-861)
• RMI_RTT_INIT_RIPAS: correct inconsistency between text and command definition (FENIMORE-864)
• Fix defects in HIPAS / RIPAS transition diagrams (FENIMORE-857)
  • For transitions due to execution of RMI_RTT_DESTROY, remove from the diagram and describe in text.

Relaxations

• RMI_RTT_{INIT,SET}_RIPAS: relax “top_rtt_align” failure condition
  • The previous condition caused the command to fail if the “top” address was misaligned
  • This is replaced with “no_progress”, which only fails if the command does not modify any RTT entries

1.1-alp8 (29-08-2024)

New features

• Allow P0 to transfer GIC ownership to Pn on Plane entry (FENIMORE-855)

Clarifications

• REC exit from Pn: amend “HIPAS DESTROYED” to “RIPAS destroyed” (FENIMORE-825)
• Rename RMI_PDEV_SET_KEY -> RMI_PDEV_SET_PUBKEY (FENIMORE-824)
• Amend description of AUX_DESTROYED state (FENIMORE-822)
• Rename RsiIoCoherent -> RsiDevMemCoherent (FENIMORE-829)
• Clarify behaviour of RMI_REC_ENTER if RMI_EMULATED_MMIO flag is set following a REC exit not due to emulatable Data Abort
• RMI_RTT_READ_ENTRY: simplify expression of ripas_unprot pre-condition (FENIMORE-847)
• Reduce usage of term “IO” in DA-related parts of the spec (FENIMORE-854)
  • RmiIoAction -> RmiVdevAction
  • RmiIoData -> RmiDevCommData
  • RmiIoDelegateFlags -> RmiDevDelegateFlags
  • RmiIoEnter -> RmiDevCommEnter
  • RmiIoEnterStatus -> RmiDevCommStatus
  • RmiIoExit -> RmiDevCommExit
  • RmiIoExit -> RmiDevCommExitFlags
  • RmiIoRequestType -> RmiDevCommProtocol
  • RmiIoShared -> RmiDevMemShared
  • RmmIoState -> RmmDevCommState
  • RmmIoShared -> RmmDevMemShared
  • REC exit due to IO -> REC exit due to device communication
  • RmiRecExit::io_vdev -> RmiRecExit::vdev
  • RmiRecExit::io_action -> RmiRecExit::vdev_action
  • RIPAS IO -> RIPAS DEV
  • Granule states IO_{PRIVATE,SHARED}, IO_DELEGATED_{PRIVATE,SHARED}, IO_UNDELEGATED -> DEV_{PRIVATE,SHARED}, DEV_DELEGATED_{PRIVATE,SHARED}, DEV_UNDELEGATED
  • RMI_GRANULE_IO_{DELEGATE,UNDELEGATE} -> RMI_GRANULE_DEV_{DELEGATE,UNDELEGATE}
  • RMI_IO_{CREATE,DESTROY} -> RMI_DEV_MEM_{MAP,UNMAP}
  • RSI_RDEV_VALIDATE_IO -> RSI_RDEV_VALIDATE_MAPPING
• Replace “Plane exit due to IRQ” with “Plane exit due to synchronous exception”
• Update ECDSA reference (FENIMORE-831)

Defects

• RMI_RTT_AUX_DESTROYED: on success, change RTTE state to AUX_DESTROYED (FENIMORE-827)
• RSI_PLANE_ENTER: fail if plane_idx is zero (FENIMORE-826)
• Add RsiRealmConfig::gicv3_vtr (FENIMORE-807)
• On REC entry, go to P0 if Pn has a maintenance interrupt pending (FENIMORE-830)
• RSI_ATTESTATION_TOKEN_CONTINUE: add RSI_ERROR_UNKNOWN failure condition (FENIMORE-832)
• Remove RMI_RTT_AUX_READ_ENTRY (FENIMORE-823)
• RMI_RTT{_AUX}DESTROY sets S2AP overlay index to 0 (FENIMORE-820)
• RMI_RTT_AUX_MAP_{PROTECTED,UNPROTECTED}: correct calculation of output address (FENIMORE-828)
• RmiFeatureRegister0::GICV3_NUM_LRS: report number of available LRs, minus one (FENIMORE-845)
• Simplify definition of NUM_BPS, NUM_WPS fields (FENIMORE-846)
• Add RMI_{PDEV,VDEV}_AUX_COUNT; remove RmiFeatureRegister0::{PDEV,VDEV}_NUM_AUX (FENIMORE-833)
• Allow RMI_FEATURES to report that auxiliary RTTs are not supported (FENIMORE-842)
• Replace IDE_{LINK,SEL,LINK_SEL} with “device protection” enum (FENIMORE-848)
• Enforce that vdev.tdi_id is unique within a segment (FENIMORE-849)
• Enforce that vdev.tdi_id is within PDEV RID range (FENIMORE-850)
• Enforce 1:1 mapping from vdev_id to VDEV within a Realm (FENIMORE-851)
• Add RMI_VDEV arguments required for locking discipline (FENIMORE-852)
• Cacheability attributes for device memory are defined by stage 1 (FENIMORE-858)

1.1-alp7 (09-07-2024)

New features

• Memory Encryption Contexts (MEC) (FENIMORE-788)
• Support for coherent devices and platform devices (FENIMORE-814)
  • Introduce concepts of platform-attested and independently-attested devices
  • Describe differences and commonalities in communication flows for devices with / without SPDM
  • RMI_PDEV_CREATE: replace device class with flags (SPDM, IDE)
  • PDEV: increase maximum number of auxiliary granules to 32
  • VDEV: introduce auxiliary granules
  • RMI_IO_CREATE
    • Remove flags input value
    • Permit MemAttr to specify either a cacheable or a non-cacheable mapping
  • Rename RSI_RDEV_CONFIG -> RSI_RDEV_GET_INFO
  • RSI_RDEV_GET_INFO: permit execution in any RDEV state
  • Introduce REC exit due to VDEV request, RMI_VDEV_COMPLETE
  • RSI_RDEV_VALIDATE_IO: add “coherent” flag

Clarifications

• Fix typo in “HIPAS change while Realm state is ACTIVE” diagram (FENIMORE-794)
• Correct command signatures in “Realm validation of MMIO” flow (FENIMORE-795)
• Rename Firmware Component Measurement Log (FCML) -> Firmware Activity Log (FAL) (FENIMORE-798)
• Correct wording in “Initialize memory of New Realm” flow
• RecAuxCount return value is not greater than 16, and constant for a Realm (FENIMORE-796)
• Clarify behavior of Pn instruction fetch from Unprotected IPA
• Fix pseudocode for S2AP change (FENIMORE-805)
• Clarify purpose of CCA platform hash algorithm ID claim (FENIMORE-811)
• Clarify that RSI_RDEV_VALIDATE_IO does not permit change from RIPAS DESTROYED (FENIMORE-785)

Defects

• Rename RSI_RDEV_GET_DIGESTS -> RSI_RDEV_CONFIG (FENIMORE-751)
• Allow Host to select PDEV hash algorithm (FENIMORE-751)
• Impose implementation defined limit on maximum number of RECs per Realm (FENIMORE-800)
• Remove RmiIoRequestType::RMI_DISCOVERY (FENIMORE-772)
• RMI_RTT_SET_S2AP: add rtt_tree output value (FENIMORE-806)
• Allow Realm to query RIPAS of an IPA range (FENIMORE-802)
• Allow RSI_HOST_CALL execution by Pn to directly exit to the Host (FENIMORE-804)
• On REC exit from Pn, timer state reported to Host is the earliest of P0 and Pn timers (FENIMORE-801)
• Move Pn EL1 sysreg access from RSI_PLANE_ENTER to RSI_PLANE_REG_{READ,WRITE} (FENIMORE-773)
• Add RPV to RsiRealmConfig (FENIMORE-810)
• Expand RmiFeatureRegister0::{NUM_BPS, NUM_WPS} to support up to 64 counters (FENIMORE-759)
• Add S2AP to criteria for RTT homogeneity, when HIPAS=ASSIGNED (FENIMORE-818)

Relaxations

None

1.1-alp6 (31-05-2024)

New features

• Introduce Live Firmware Activation policy (FENIMORE-780)
• Add flag in platform token, indicating whether a software component may be live-activated (FENIMORE-781)
• Make number of GICv3 List Register values discoverable (FENIMORE-779)
• Support for countersignatures on software components (FENIMORE-793)

Clarifications

• Fix typo in “HIPAS change while Realm state is NEW” diagram
• Add RTT_AUX to Granule state diagram (FENIMORE-784)
• Planes: clarifications
  • Exception model
    • Amend initial state in “Between a Plane entry and a Plane exit, a REC exit and REC entry may occur”
    • Remove statement that “On Plane entry, all RsiPlaneEnter fields are ignored unless specified otherwise”
    • Regarding “An exception due to any of the following in Pn cause a REC exit to the Host …”
      • Introduce “REC exit from Pn” heading to provide appropriate context
      • Separate synchronous and asynchronous exceptions
    • Add rule that REC entry with a Pending virtual interrupt causes return to P0
    • Reword info statements regarding action taken by P0 in response to a Plane exit, to remove suggestion that this is an exhaustive list
    • Remove statement that “all other RsiPlaneExit fields are zero” following Plane exit due to Synchronous Exception
  • Memory management
    • Reword overview to introduce “S2AP base index”
    • Remove (“The number of S2AP overlay indices is 16”) as this is specified by the Arm ARM
    • Reword description of execute permission in Unprotected IPA space
    • RmiRealmFlags: remove comment that rtt_tree_pp is ignored if the Realm has a single Plane
    • Correct implementation note to say that S2AP cookie should always be zero if the Realm is configured to use a shared RTT tree
    • Remove incorrect statement that RSI_MEM_SET_PERM_INDEX does not return a “top” address
• DA
  • Fix typo in RDEV state diagram
  • Make explicit the relationship between RDEV state and SMMU enablement (FENIMORE-787)
  • Remove SPDM_CHALLENGE step from PDEV setup flow (FENIMORE-761)

Defects

• RSI_MEM_SET_PERM_VALUE: fail if Plane index is zero (FENIMORE-778)
• RMI_REC_ENTER: if RMI_INJECT_SEA is set then RMI_EMULATED_MMIO is ignored (FENIMORE-782)
• RMI_PDEV_COMMUNICATE: add missing success conditions (FENIMORE-786)
• Separate Realm flags into measured and unmeasured sets (FENIMORE-792)
  • Rename RmiRealmFlags -> RmiRealmFlags0
  • Move rtt_tree_pp from RmiRealmFlags0 to RmiRealmFlags1

Relaxations

None

1.1-alp5 (30-04-2024)

New features

None

Clarifications

None

Defects

• Planes: add rules regarding EL1 timers
• RMI_VDEV_{COMMUNICATE,CREATE}: add pdev.num_vdevs to footprint (FENIMORE-774)
• RMI_DATA_DESTROY: if address is mapped as block, level can be either 1 or 2 (FENIMORE-775)
• RMI_RTT_MAP_UNPROTECTED: remove reference to non-existent output value “nl” (FENIMORE-776)
• Reduce number of available memory permission overlay indices to 15 (FENIMORE-777)

Relaxations

None

1.1-alp4 (03-04-2024)

New features

None

Clarifications

• Add rationale for permitting RSI_RDEV_GET_MEASUREMENTS while the RDEV is in RDEV_NEW state (FENIMORE-745)
• Add rationale for Host storage of device attestation evidence (FENIMORE-741)

Defects

• RmmRdev: add linkage to corresponding RmmVdev (FENIMORE-746)
• RMI_PDEV_SET_PUBKEY: add failure condition for invalid key length (FENIMORE-740)
• RMI_RTT_SET_RIPAS: if base address is not aligned with entry at which RTT walk terminates, only fail if RIPAS of that entry does not match the requested value (FENIMORE-765)
• Specify that maximum number of auxiliary Planes is either 0 or 3 (FENIMORE-769)
• Specify S2AP change flow (FENIMORE-770)
  • Follow a pattern similar to the RIPAS change flow, including allowing the Host to reject an S2AP change request.
• Remove misleading transition to PDEV_ERROR in response to Host reporting RMI_IO_ERROR (FENIMORE-764)
• Rename RMI_SECURE_SPDM to RMI_SECURE_CMA_SPDM (FENIMORE-767)
• RMI_PDEV_ABORT: amend failure / success conditions to match state transition diagram (FENIMORE-768)
• RMI_PDEV_SET_PUBKEY: add success condition which sets io_state to IO_PENDING (FENIMORE-771)

Relaxations

None

1.1-alp3 (31-01-2024)

Clarifications

• Update “RTT walk” section to reflect addition of auxiliary RTTs (FENIMORE-737)
• RmiPdevEventIsValid(): remove pdev argument (FENIMORE-747)
• RMI_RTT_DESTROY: add ordering “rtte_state < rtt_live” (FENIMORE-748)
• Planes: fix typo in description of memory permission overlay index lock bit (FENIMORE-753)
• VDEV teardown flow: remove RMI_IO_DESTROY calls (FENIMORE-756)
• Clarify meaning of “secure SPDM” (FENIMORE-743)
• Address review feedback on Planes chapter
  • Replace use of undefined term “P0 memory” (in reference to RsiPlaneRun object) with “Realm memory”.
  • Clarify that the access permissions which can vary between Planes are at stage 2.
  • Clarify the subset of REC exits in which an RTT tree index is returned to the Host.
  • Use “rec_exit” and “plane_exit” to avoid ambiguity.
  • Append to list of Pn actions which result in REC exit to the Host.
  • Each Plane has a unique VMID, regardless of whether there exists an RTT tree per Plane.
  • Limit the statement “if an IPA is auxiliary-live then the corresponding entry in the primary RTT is live” to apply only to Protected IPA space.
  • Correct statement regarding variance of stage 2 permissions among Planes for an Unprotected IPA.

Defects

• If LPA2 is enabled, ensure that PA written to RTTE is less than 2^48 (FENIMORE-752)
• On REC exit due to Data Abort / Instruction Abort, provide the index of the RTT tree (FENIMORE-749)
• RSI_MEM_SET_PERM_INDEX: add success condition which sets lock bit (FENIMORE-754)
• On RIPAS change to RAM, reset memory permission overlay index to 0 (FENIMORE-755)
• Introduce RMI_ERROR_RTT_AUX (FENIMORE-757)
• RSI_PLANE_ENTER: add plane_idx; move run_ptr from output to input (FENIMORE-758)
• RSI_PLANE_ENTER: add failure and success conditions
• Add RMI_PDEV_IDE_RESET command (FENIMORE-726)
• Reassign FIDs for commands added in RMM 1.1, to avoid overlap between RMI and RSI

Relaxations

None

1.1-alp2 (11-12-2023)

New features

None

Defects

• RSI_RDEV_VALIDATE_IO: add “private / shared” flag (FENIMORE-732)
• Add rule regarding Realm execution of data cache invalidate by set / way (FENIMORE-734)

Relaxations

None

Defects

• RMI_RTT_READ_ENTRY: add success condition for HIPAS=ASSIGNED_IO_* (FENIMORE-733)
• Remove SH from the set of Host-controlled Unprotected RTT attributes (FENIMORE-736)

1.1-alp1 (06-11-2023)

New features

• Planes (FENIMORE-731)
  • RmiFeatureRegister0: add RTT_TREE_SINGLE, MAX_NUM_AUX_PLANES fields
  • RmiRealmFlags: add RTT_TREE_PP field
  • RmiRealmParams: add members
    • num_aux_planes
    • rtt_tree_pp
    • aux_vmid
    • aux_rtt_base
  • RmmRealm
    • Add members
      • rtt_tree_pp
      • num_aux_planes
    • Change type of members to “array of per-Plane values”
      • vmid
      • rtt_base
  • Functions
    • Add functions to compare arrays of per-Plane values
      • RealmRttBaseEqual()
      • RealmVmidEqual()
    • Modify signatures to accept array of per-Plane values
      • VmidIsFree() -> VmidsAreFree()
      • VmidIsValid() -> VmidsAreValid()
    • Modify signature of RttWalk() to take an RTT tree index
  • RMI_REALM_CREATE
    • Add success conditions
      • rtt_tree_pp
      • num_aux_planes
  • Add RMI_RTT_AUX_* commands for manipulation of auxiliary RTTs
  • RMI_{DATA_CREATE,RTT_SET_RIPAS}: add failure condition if IPA is live in an auxiliary RTT
  • Add RSI_PLANE_ENTER and describe Plane exception model
  • Add RSI_MEM_* commands and describe memory access permission management
  • RsiRealmConfig: add num_aux_planes
  • RsiFeatureRegister0: add MRO field

Clarifications

• Realm device assignment

  • Replace references to DOE, ECAM, IDE with reference to PCIe 6.0
  • Amend “Realm device assignment overview” to correctly describe flow for retrieval of device interface report and device measurements
  • Amend “Device requests and responses” to include RSI_RDEV_GET_{INTERFACE_REPORT,MEASUREMENTS}
  • Amend IDE setup flow to include RSI_RDEV_{LOCK,GET_INTERFACE_REPORT,GET_MEASUREMENTS}
  • Clarify that RSI_RDEV_CONTINUE causes a REC exit due to IO, which must be completed by Host execution of RMI_VDEV_COMMUNICATE
  • Amend “Virtual device teardown flow” to show disabling of SMMU on RSI_VDEV_STOP
  • Remove incorrect statement that IPA base is present in the interface report
  • Amend description of RSI_RDEV_STOP: in-flight transactions may still complete, but future device accesses to Realm memory are blocked
  • RMI_PDEV_NOTIFY: add check for validity of event identifier
  • State that VDEV and RDEV are Host and Realm views of the same underlying RMM object
  • Describe relationship between RDEV state and TDI state

• Compress rendering of array struct members

• Consistently postfix name of “before: true” context values with “_pre”

• Replace inline “Realm(rd)” expressions with “realm” context value

• Replace inline “Rec(rec_ptr)” expressions with “rec” context value

• Improve consistency of function names

  • Casting a memory location to an object is suffixed “At”, for example “RecAt”
  • Casting an object to an interface type is suffixed “To”, for example “RttEntryStateToRmi”
  • Rename RttEntryFromDescriptor() to RttDescriptorDecode()

• RMI_RTT_READ_ENTRY: add ripas_prot success condition

• Feature discovery and selection

  • Rename RmiFeatureRegister0 fields
    • SVE_EN -> SVE
    • PDEV_AUX -> PDEV_NUM_AUX
    • PMU_EN -> PMU
  • {RMI,RSI}_FEATURES: add {Rmi,Rsi}FeatureRegisterEncode() functions
    • Formalise the mapping from features supported by the platform to the output value of these commands
  • RMI_REALM_CREATE: implement RealmParamsSupported()
    • Formalise the check that input values to this command are compatible with features supported by the platform

Defects

• Realm device assignment
  • RTT folding: for ASSIGNED_IO_*, require that memory attributes (which are Host-controlled) are the same for all entries
  • Permit Host to specify any Device memory attributes for an IO mapping
  • Specify that IO mappings are Outer Shareable
  • Remove RmiIoEnter::req_size, and state that the Host should always provide a 4KB request buffer
  • Add RmiIoExit::req_type, to inform Host via which mailbox to route the device request
  • RSI_RDEV_GET_DIGESTS: do not trigger REC exit due to IO
• Correct typo in “REC entry” section [I_LFYDV]

Relaxations

• Realm device assignment
  • RMI_{IO_}_GRANULE_UNDELEGATE: permit new GPT entry to be any value except GPT_REALM
• RMI_RTT_{INIT,SET}_RIPAS: relax “top_rtt_align” failure condition
  • The previous condition caused the command to fail if the “top” address was misaligned
  • This is replaced with “no_progress”, which only fails if the command does not modify any RTT entries

1.1-alp0 (05-10-2023)

New features

• Realm device assignment (FENIMORE-722)
  • New Granule states: PDEV{AUX}, VDEV, IO{UNDELEGATED,DELEGATED_PRIVATE,DELEGATED_SHARED}, IO_{PRIVATE,SHARED}
    • RMI commands for (un)delegation of IO physical memory
  • New RMM objects: PDEV, VDEV
    • RMI commands for creation, destruction and lifecycle management
  • Realm-facing abstraction for an assigned device: RDEV
  • RMM-device communication flow (protected by SPDM)
    • Mediated through “REC exit due to IO”, RMI_{PDEV,VDEV}_COMMUNICATE commands and buffers in NS memory
    • When triggered by a Realm action, managed via an “interruptible operation” programming interface, similar to the existing one for RSI_ATTESTATION_TOKEN commands
  • Host caching of device attestation evidence (certificate, measurements, interface report), with integrity ensured via RMM-held digests
  • New HIPAS values (ASSIGNED_IO_PRIVATE, ASSIGNED_IO_SHARED) and RIPAS value (IO)
    • Extension of rules regarding Realm access to Protected IPA space
    • Extension of rules regarding RTT (un)folding
  • Extension of RIPAS change flow for the purpose of validating mappings against the device interface report, and transition to RIPAS IO

Clarifications

None

Defects

None

Relaxations

None

1.0-eac5 (05-10-2023)

Clarifications

• Fix attestation token flows (FENIMORE-718)
• Clarify behavior on Host rejection of a RIPAS change request (FENIMORE-719)
• Replace Granule::pas attribute with Granule::gpt
  • PAS is an attribute of a memory access, not of a Granule.

Defects

• {RMI,RSI}_VERSION: (FENIMORE-724)
  • Clarify rules regarding returned interface version, and provide examples
  • Remove rule that if the return code is SUCCESS, subsequent calls to the interface adhere to the behavior corresponding with the returned interface version
• Specify that SMCCC registers not specified as command input / output values are SBZ and MBZ respectively (FENIMORE-724)
• RSI_ATTESTATION_TOKEN_INIT: return upper bound on token size (FENIMORE-720)
• RMI_DATA_CREATE: move RIPAS=RAM from being a pre-condition to a post-condition (FENIMORE-721)

Relaxations

None

1.0-eac4 (06-09-2023)

Clarifications

• Exclude GIC, timer and PMU values from “On REC exit … all other REC exit fields are zero” (FENIMORE-712)
• Amend contradictory statement regarding RTT folding to level 1 (FENIMORE-715) [I_QWQSB]

Defects

• RMI_RTT_{INIT,SET}_RIPAS: fix “top” alignment check
  • Ensure that “top” is Granule aligned (FENIMORE-710)
  • Ensure that return code is deterministically specified (FENIMORE-711)
  • Prevent RIPAS change from proceeding beyond the “top” address provided by the Realm (FENIMORE-711)
• {RMI,RSI}_VERSION: add handshake (FENIMORE-708)
  • The caller provides a “requested version”
  • The RMM either returns:
    • A version which it can implement, that is compatible with the requested version (and a SUCCESS return code)
    • A version which it implements, that is incompatible with the requested version (and an error code)
  • If the return code is SUCCESS, subsequent calls to the interface adhere to the behavior corresponding with the returned interface version
• Increase width of PsciReturnCode to 64 bits (FENIMORE-709)

Relaxations

• RMI_REALM_CREATE: permit number of PMU counters to be less than number supported by the implementation (FENIMORE-716)
• RMI_REALM_CREATE: permit number of breakpoints or watchpoints to be less than number supported by the implementation (FENIMORE-717)

1.0-eac3 (20-07-2023)

Clarifications

• Clarify which bits of command input / output values should / must be zero (FENIMORE-674)
• Explain distinction between concrete and abstract types (FENIMORE-693)
• Clarify return value from RSI_IPA_STATE_SET when stopping at first DESTROYED entry (FENIMORE-699) [I_GXDDX]

Defects

• PSCI_SYSTEM_{OFF,RESET}: change Realm state to SYSTEM_OFF (FENIMORE-694)
• RMI_REC_CREATE: update RIM only if runnable flag is set (FENIMORE-697)
• RMI_REALM_CREATE: fix list of measured parameters (FENIMORE-695)
• Remove members from RmmSystemRegisters (FENIMORE-700)
  • State saved / restored depends on architecture features supported by the platform, so defining this type as an empty placeholder
• Avoid use of reserved ASL v1 keyword “entry” in MRS (FENIMORE-702)
  • RmiRecEntry -> RmiRecEnter
  • RmiRecEntryFlags -> RmiRecEnterFlags
  • RmiRecRun::entry -> RmiRecRun::enter
  • RmmRttWalkResult::entry -> RmmRttWalkResult::rtte
• RSI_IPA_STATE_SET: prohibit RSI_DESTROYED input value (FENIMORE-705)
• RMI_PSCI_COMPLETE: PSCI_CPU_ON: fix copy of context_id to target CPU X0 (FENIMORE-703)
• Allow Host to reject request to change RIPAS to RAM (FENIMORE-661)
• Allow Host to reject PSCI_CPU_ON request via RMI_PSCI_COMPLETE (FENIMORE-706)

Relaxations

• Permit folding of level 2 RTT to create level 1 block mapping (FENIMORE-608)
• Remove restriction that attestation token size must not exceed 4KB (FENIMORE-691)

1.0-eac2 (07-06-2023)

Clarifications

• Remove reference to triggering ERROR_INPUT by setting MBZ bit to 1 (FENIMORE-675)
• Clarify constraints on output values in case of command failure [R_TFZMS] (FENIMORE-676)
• Clarify encoding of RmiRealmParams::sve_sz (FENIMORE-684)
• Clarify set of SMCCC interfaces available to a Realm [R_NPLKX] (FENIMORE-685)

Defects

• Replace PMU fields in RmiRecExit with single bit indicating the PMU overflow status [R_WXTZF] (FENIMORE-679)
• RMI_PSCI_COMPLETE: failure condition should compare against MPIDR, not RD address (FENIMORE-681)
• RMI_REC_CREATE: remove params_valid failure condition (FENIMORE-686)
• RMI_RTT_{INIT,SET}_RIPAS: check alignment of “top” input value (FENIMORE-687)
• Reduce coupling between HIPAS and RIPAS (FENIMORE-680)
  • Replace HIPAS=DESTROYED with RIPAS=DESTROYED
  • Remove RmiRttEntryState::RMI_DESTROYED
  • Change encoding of RmiRttEntryState::RMI_TABLE
  • Add RmiRipas::RMI_DESTROYED
  • Add RsiRipas::RSI_DESTROYED
  • RMI_DATA_CREATE_UNKNOWN: remove pre-condition that RIPAS=RAM
  • RMI_DATA_DESTROY:
    • In all cases, post-condition now states that HIPAS=UNASSIGNED
    • If pre-condition was RIPAS=RAM, post-condition states that RIPAS=DESTROYED
  • RMI_RTT_DESTROY:
    • Remove post-condition that HIPAS=DESTROYED
    • Add post-condition that state of parent RTTE is UNASSIGNED
    • Add post-condition that RIPAS=DESTROYED
  • RMI_RTT_SET_IPA_STATE: stop at first DESTROYED entry if “destroyed” flag is set
  • RSI_IPA_STATE_SET: add “destroyed” flag
  • Clarify distinction between “RTT folding” [D_QPXCP] and “RTT destruction” [D_VXRZW]
• RMI_RTT_INIT_RIPAS: success conditions should be bounded by walk_top, not top

Relaxations

• RSI_REALM_CONFIG: provide Realm hash algorithm (FENIMORE-678)

1.0-eac1 (31-03-2023)

Clarifications

• Unused bits of RmiRecEntry::gicv3_hcr are SBZ [I_SMHXB] (FENIMORE-666)
• RMI_REC_ENTER: all RMI_ERROR_INPUT failure conditions precede all RMI_ERROR_REC failure conditions (FENIMORE-668)
• Avoid use of raw Xn values in command conditions where possible (FENIMORE-671)
• Clarify definition of REC exit due to (Non-)emulatable Data Abort [D_CYRMT, D_MTZMC] (FENIMORE-673)

Defects

• RMI_RTT_INIT_RIPAS: take account of “top” IPA value when calculating RIM contribution (FENIMORE-662)
• RttSkipEntriesWithRipas: fix inverted logic (FENIMORE-663)
• RMI_RTT_SET_RIPAS: on success, modify IPA range [base, walk_top) (FENIMORE-669)
• RMI_RTT_{INIT,SET}_RIPAS: remove redundant failure conditions (FENIMORE-670)
• Clarify HIPAS=DESTROYED implies RIPAS=UNDEFINED [R_JYDRL] (FENIMORE-672)

Relaxations

• RSI_HOST_CALL: relax alignment requirement from 4KB to 256B

1.0-eac0 (31-01-2023)

Clarifications

None

Defects

• RmiRealmParams: reduce width of integer attributes (FENIMORE-647)
• RSI_IPA_STATE_SET: replace (base, size) with (base, top) (FENIMORE-656)
• RMI_RTT_INIT_RIPAS, RMI_RTT_SET_RIPAS: allow single command to modify multiple RTT entries (FENIMORE-656)

Relaxations

• RMI_RTT_SET_RIPAS: remove “ripas” input value (FENIMORE-659)

1.0-bet2 (16-12-2022)

Clarifications

• Flows: update RMI_REC_ENTRY to take a single ‘run’ input value
• Clarify meaning of “TTD” [I_YMNSR] (FENIMORE-641)
• Fix typo in reference to “CCA platform token claim map” [I_FJKFY] (FENIMORE-647)
• Fix reference to “RME system architecture spec” (FENIMORE-648)
• Flows: remove stale reference to parameters passed to RMI_DATA_CREATE (FENIMORE-649)
• Improve definition and constistency of usage of the term “REC” (FENIMORE-650)
  • Where referring to the RMM data structure “REC object” is now used
• Clarify description of properties of Realm IPA space [I_TPGKW] (FENIMORE-639)
  • Replace “permitted, under control of host” with statements which refer to particular HIPAS values.
  • Add “Protected IPA, HIPAS=DESTROYED” row, thereby removing contradictory statements regarding SEA taken to Realm, previously in “Protected IPA, RIPAS=EMPTY”.
• On assertion of an EL1 timer, the RMM guarantees a REC exit, not only a Realm exit (FENIMORE-651)
• RMI_RTT_FOLD: preserve RIPAS value if IPA is Protected (FENIMORE-638)

Defects

• Attestation: wrap sub-tokens in byte stream (FENIMORE-643)
• RMI_DATA_DESTROY, RMI_RTT_{DESTROY,FOLD}: return PA of destroyed object (FENIMORE-563)
• RMI_REALM_DESTROY, RMI_REC_DESTROY, RMI_REC_ENTER, RMI_RTT_DESTROY, RMI_RTT_FOLD, RMI_RTT_SET_RIPAS: Remove RMI_ERROR_IN_USE (FENIMORE-588)
• RMI_DATA_CREATE, RMI_DATA_CREATE_UNKNOWN, RMI_REC_CREATE, RMI_RTT_CREATE: pass RD pointer in X1 (FENIMORE-655)
• Replace RmiRealmParams::features_0 with discrete fields (FENIMORE-655)
• RMI_DATA_CREATE(_UNKNOWN): require RIPAS=RAM (FENIMORE-645)
• Apply “must / should be zero” consistently (FENIMORE-619)
  • In command inputs, unused bits are SBZ
  • In command outputs, unused bits are MBZ

Relaxations

• RSI_HOST_CALL: expand set of GPRs to X0-X30 (FENIMORE-607)
  • This enables the RMM to support any calling convention.
• RMI_DATA_DESTROY, RMI_RTT_DESTROY, RMI_RTT_UNMAP_UNPROTECTED: return IPA of next live RTT entry (FENIMORE-563)

1.0-bet1 (31-10-2022)

Clarifications

• Rename HIPAS VALID_NS -> UNASSIGNED (FENIMORE-631)
• SEA injection is independent of whether Host emulates MMIO (FENIMORE-632)
• In RIPAS change flow, permit Host to apply the change to zero or more pages of the target IPA region (FENIMORE-633)
• Flows: replace HVC with Host call (FENIMORE-611)
• Clarify behavior of VmidIsValid() function (FENIMORE-630)
• Qualify “all other exit fields are zero” statements [R_GTJRP, R_LRCFP] (FENIMORE-634)
  • GIC, timer and PMU fields are valid on every REC exit.

Defects

• Change size of RsiHostCall type to 256 bytes (FENIMORE-629)
• Correct the set of ESR_EL2 fields which are returned to the Host on REC exit due to Data abort [R_RYVFL]
  • On all Data Aborts, add FnV.
  • On Emulatable Data Aborts, add SF.
  • On Non-emulatable Data Abort at an Unprotected IPA, add IL.

Relaxations

None

Arm Non-Confidential Document License (“License”)

This License is a legal agreement between you and Arm Limited (“Arm”) for the use of Arm’s intellectual property (including, without limitation, any copyright) embodied in the document accompanying this License (“Document”). Arm licenses its intellectual property in the Document to you on condition that you agree to the terms of this License. By using or copying the Document you indicate that you agree to be bound by the terms of this License.

“Subsidiary” means any company the majority of whose voting shares is now or hereafter owned or controlled, directly or indirectly, by you. A company shall be a Subsidiary only for the period during which such control exists.

This Document is NON-CONFIDENTIAL and any use by you and your Subsidiaries (“Licensee”) is subject to the terms of this License between you and Arm.

Subject to the terms and conditions of this License, Arm hereby grants to Licensee under the intellectual property in the Document owned or controlled by Arm, a non-exclusive, non-transferable, non-sub-licensable, royalty-free, worldwide License to:

1. use and copy the Document for the purpose of designing and having designed products that comply with the Document;

2. manufacture and have manufactured products which have been created under the License granted in (i) above; and

3. sell, supply and distribute products which have been created under the License granted in (i) above.

Licensee hereby agrees that the Licenses granted above shall not extend to any portion or function of a product that is not itself compliant with part of the Document.

Except as expressly licensed above, Licensee acquires no right, title or interest in any Arm technology or any intellectual property embodied therein.

The content of this document is informational only. Any solutions presented herein are subject to changing conditions, information, scope, and data.  This document was produced using reasonable efforts based on information available as of the date of issue of this document.  The scope of information in this document may exceed that which Arm is required to provide, and such additional information is merely intended to further assist the recipient and does not represent Arm’s view of the scope of its obligations.  You acknowledge and agree that you possess the necessary expertise in system security and functional safety and that you shall be solely responsible for compliance with all legal, regulatory, safety and security related requirements concerning your products, notwithstanding any information or support that may be provided by Arm herein. In addition, you are responsible for any applications which are used in conjunction with any Arm technology described in this document, and to minimize risks, adequate design and operating safeguards should be provided for by you.

Reference by Arm to any third party’s products or services within this document is not an express or implied approval or endorsement of the use thereof.

THE DOCUMENT IS PROVIDED “AS IS”. ARM PROVIDES NO REPRESENTATIONS AND NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO THE DOCUMENT. Arm may make changes to the Document at any time and without notice. For the avoidance of doubt, Arm makes no representation with respect to, and has undertaken no analysis to identify or understand the scope and content of, third party patents, copyrights, trade secrets, or other rights.

NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THIS LICENSE, TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL ARM BE LIABLE FOR ANY DAMAGES, IN CONTRACT, TORT OR OTHERWISE, IN CONNECTION WITH THE SUBJECT MATTER OF THIS LICENSE (INCLUDING WITHOUT LIMITATION) (I) LICENSEE’S USE OF THE DOCUMENT; AND (II) THE IMPLEMENTATION OF THE DOCUMENT IN ANY PRODUCT CREATED BY LICENSEE UNDER THIS LICENSE). THE EXISTENCE OF MORE THAN ONE CLAIM OR SUIT WILL NOT ENLARGE OR EXTEND THE LIMIT. LICENSEE RELEASES ARM FROM ALL OBLIGATIONS, LIABILITY, CLAIMS OR DEMANDS IN EXCESS OF THIS LIMITATION.

This License shall remain in force until terminated by Licensee or by Arm. Without prejudice to any of its other rights, if Licensee is in breach of any of the terms and conditions of this License then Arm may terminate this License immediately upon giving written notice to Licensee. Licensee may terminate this License at any time. Upon termination of this License by Licensee or by Arm, Licensee shall stop using the Document and destroy all copies of the Document in its possession. Upon termination of this License, all terms shall survive except for the License grants.

Any breach of this License by a Subsidiary shall entitle Arm to terminate this License as if you were the party in breach. Any termination of this License shall be effective in respect of all Subsidiaries. Any rights granted to any Subsidiary hereunder shall automatically terminate upon such Subsidiary ceasing to be a Subsidiary.

The Document consists solely of commercial items. Licensee shall be responsible for ensuring that any use, duplication or disclosure of the Document complies fully with any relevant export laws and regulations to assure that the Document or any portion thereof is not exported, directly or indirectly, in violation of such export laws.

This License may be translated into other languages for convenience, and Licensee agrees that if there is any conflict between the English version of this License and any translation, the terms of the English version of this License shall prevail.

The Arm corporate logo and words marked with ® or ™ are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights reserved.  Other brands and names mentioned in this document may be the trademarks of their respective owners. No license, express, implied or otherwise, is granted to Licensee under this License, to use the Arm trade marks in connection with the Document or any products based thereon. Visit Arm’s website at http://www.arm.com/company/policies/trademarks for more information about Arm’s trademarks.

The validity, construction and performance of this License shall be governed by English Law.

Copyright © 2022-2026 Arm Limited (or its affiliates). All rights reserved. 

Arm Limited. Company 02557590 registered in England.

110 Fulbourn Road, Cambridge, England CB1 9NJ.

Arm document reference: PRE-21585

version 5.0, March 2024