authorMaxim Uvarov <maxim.uvarov@linaro.org>2021-10-15 10:26:25 +0100
committerMaxim Uvarov <maxim.uvarov@linaro.org>2021-10-15 10:26:25 +0100
commit7c9b62f052e0d322bd4420a816c37747264bff1d (patch)
treec0ac02312fc8be4161d4e572676fe78277496b27
initial commit
Initial commit to split out meta-ledge-bsp from meta-ledge repo. Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
-rw-r--r--conf/layer.conf14
-rw-r--r--conf/machine/ledge-qemuarm.conf25
-rw-r--r--conf/machine/ledge-qemuarm64.conf25
-rw-r--r--conf/machine/ledge-qemux86-64.conf25
-rw-r--r--conf/machine/ledge-stm32mp157c-dk2.conf23
-rw-r--r--conf/machine/ledge-synquacer.conf9
-rw-r--r--conf/machine/ledge-ti-am572x.conf20
-rw-r--r--recipes-bsp/edk2-efi-prebuild-fw/edk2-efi-prebuild-fw.bb49
-rw-r--r--recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_AARCH64_QEMU_VARS.fd.gzbin0 -> 67736 bytes
-rw-r--r--recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_ARM_QEMU_VARS.fd.gzbin0 -> 67156 bytes
-rw-r--r--recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_RELEASEX64_OVMF.fd.gzbin0 -> 1216756 bytes
-rw-r--r--recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEAARCH64_QEMU_EFI.fd.gzbin0 -> 1033554 bytes
-rw-r--r--recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEARM_QEMU_EFI.fd.gzbin0 -> 1037842 bytes
-rw-r--r--recipes-bsp/trusted-firmware-a/files/0001-plat-qemu-trigger-reboot-with-secure-pl061.patch126
-rw-r--r--recipes-bsp/trusted-firmware-a/trusted-firmware-a-ledge_git.bb173
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge.bb117
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0000-ti-am572x-enable-boot_distrocmd.patch73
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0001-stm32mp-update-MMU-config-before-the-relocation.patch61
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0002-stm32mp-update-the-mmu-configuration-for-SPL-and-pre.patch85
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0003-arm-remove-TTB_SECT_XN_MASK-in-DCACHE_WRITETHROUGH.patch31
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0004-arm-cosmetic-align-TTB_SECT-define-value.patch29
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0005-arm-cp15-update-DACR-value-to-activate-access-contro.patch52
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0006-arm-omap2-remove-arm_init_domains.patch49
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0007-arm-cp15-remove-weak-function-arm_init_domains.patch69
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0008-arm-remove-set_dacr-get_dacr-functions.patch43
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0009-tpm2-Introduce-TIS-tpm-core.patch650
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/0010-tpm2-Add-a-TPMv2-MMIO-TIS-driver.patch215
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm64_defconfig64
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm_defconfig64
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/ledge-ti-am572x_defconfig125
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/ledge_stm32mp157c_dk2_trusted_defconfig147
-rw-r--r--recipes-bsp/u-boot/u-boot-ledge/ubootefi.varbin0 -> 2968 bytes
-rw-r--r--recipes-security/optee/optee-os/0001-HACK-enable-pl011-and-secure-flash.patch126
-rw-r--r--recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch31
-rw-r--r--recipes-security/optee/optee-os/0002-core-Allow-mobj_phys-to-allocate-IO-regions.patch52
-rw-r--r--recipes-security/optee/optee-os/3ffb8563-ee28-4047-a7cd-d0e038aa6230.fdbin0 -> 2621440 bytes
-rwxr-xr-xrecipes-security/optee/optee-os/arm32_bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elfbin0 -> 232468 bytes
-rwxr-xr-xrecipes-security/optee/optee-os/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elfbin0 -> 366848 bytes
-rw-r--r--recipes-security/optee/optee-os_git.bbappend81
39 files changed, 2653 insertions, 0 deletions
diff --git a/conf/layer.conf b/conf/layer.conf
new file mode 100644
index 0000000..4bc70de
--- /dev/null
+++ b/conf/layer.conf
@@ -0,0 +1,14 @@
+# We might have a conf and classes directory, append to BBPATH
+BBPATH .= ":${LAYERDIR}"
+
+# We have a recipes directory, add to BBFILES
+BBFILES += "${LAYERDIR}/recipes*/*/*.bb ${LAYERDIR}/recipes*/*/*.bbappend"
+
+BBFILE_COLLECTIONS += "meta-trusted-substrate"
+BBFILE_PATTERN_meta-trusted-substrate := "^${LAYERDIR}/"
+BBFILE_PRIORITY_meta-trusted-substrate = "9"
+
+# This should only be incremented on significant changes that will
+# cause compatibility issues with other layers
+LAYERVERSION_meta-trusted-substrate = "1"
+LAYERSERIES_COMPAT_meta-trusted-substrate = "hardknott gatesgarth"
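Review bot: BBFILE_COLLECTIONS registers this layer as `meta-trusted-substrate` although the commit message describes the repository as meta-ledge-bsp split out of meta-ledge; if the layer it was split from (or a later meta-trusted-substrate layer) is ever on the same BBLAYERS list with that collection name, BitBake will refuse to parse with a duplicate-collection error. Consider naming the collection after the layer directory, e.g. `BBFILE_COLLECTIONS += "meta-ledge-bsp"` with the matching `BBFILE_PATTERN_`/`BBFILE_PRIORITY_`/`LAYERVERSION_`/`LAYERSERIES_COMPAT_` suffixes, or add a one-line comment stating that the name is intentional and unique.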
diff --git a/conf/machine/ledge-qemuarm.conf b/conf/machine/ledge-qemuarm.conf
new file mode 100644
index 0000000..2a9f884
--- /dev/null
+++ b/conf/machine/ledge-qemuarm.conf
@@ -0,0 +1,25 @@
+#@TYPE: Machine
+#@NAME: generic armv7a machine
+#@DESCRIPTION: Machine configuration for running a generic armv7
+
+require conf/machine/include/arm/arch-armv7a.inc
+require conf/machine/include/ledge-qemu-common.inc
+
+OPTEEMACHINE = "vexpress-qemu_virt"
+OPTEEOUTPUTMACHINE = "vexpress"
+
+MACHINE_FEATURES += "optee"
+MACHINE_FEATURES += "tpm2"
+MACHINE_FEATURES += "ftpm"
+
+PREFERRED_PROVIDER_virtual/bootloader = "u-boot-ledge"
+UBOOT_CONFIG = "basic"
+UBOOT_DEVICETREE = "qemu_arm.dtb"
+UBOOT_CONFIG[basic] = "ledge-qemuarm_defconfig,,u-boot.bin"
+EXTRA_IMAGEDEPENDS_append = " virtual/bootloader "
+
+MACHINE_EXTRA_RDEPENDS += " \
+ optee-os \
+ trusted-firmware-a-ledge \
+ edk2-efi-prebuild-fw \
+ "
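Review bot: `require conf/machine/include/ledge-qemu-common.inc` points at a file that is not part of this commit (the diffstat lists no such include), while the arm64 sibling machine uses the core `conf/machine/include/qemu.inc`; unless that include is supplied by another layer, `require` aborts parsing of this machine. Either add the file to this layer or use `require conf/machine/include/qemu.inc` as ledge-qemuarm64.conf does, and add a comment naming where the include is expected to come from so the dependency on another layer is explicit.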
diff --git a/conf/machine/ledge-qemuarm64.conf b/conf/machine/ledge-qemuarm64.conf
new file mode 100644
index 0000000..792d54d
--- /dev/null
+++ b/conf/machine/ledge-qemuarm64.conf
@@ -0,0 +1,25 @@
+#@TYPE: Machine
+#@NAME: generic armv8 machine
+#@DESCRIPTION: Machine configuration for running a generic armv8
+
+require conf/machine/include/arm/arch-armv8a.inc
+require conf/machine/include/qemu.inc
+
+OPTEEMACHINE = "vexpress-qemu_armv8a"
+OPTEEOUTPUTMACHINE = "vexpress"
+
+MACHINE_FEATURES += "optee"
+MACHINE_FEATURES += "tpm2"
+MACHINE_FEATURES += "ftpm"
+
+PREFERRED_PROVIDER_virtual/bootloader = "u-boot-ledge"
+UBOOT_CONFIG = "basic"
+UBOOT_DEVICETREE = "qemu_arm64.dtb"
+UBOOT_CONFIG[basic] = "ledge-qemuarm64_defconfig,,u-boot.bin"
+EXTRA_IMAGEDEPENDS_append = " virtual/bootloader"
+
+MACHINE_EXTRA_RDEPENDS += " \
+ optee-os \
+ trusted-firmware-a-ledge \
+ edk2-efi-prebuild-fw \
+ "
diff --git a/conf/machine/ledge-qemux86-64.conf b/conf/machine/ledge-qemux86-64.conf
new file mode 100644
index 0000000..9f491e2
--- /dev/null
+++ b/conf/machine/ledge-qemux86-64.conf
@@ -0,0 +1,25 @@
+#@TYPE: Machine
+#@NAME: common_pc
+#@DESCRIPTION: Machine configuration for running a common x86
+
+# Define specific familly common machine name
+MACHINEOVERRIDES .= ":ledgecommon"
+
+require conf/machine/include/qemu.inc
+DEFAULTTUNE ?= "core2-64"
+require conf/machine/include/tune-core2.inc
+require conf/machine/include/qemuboot-x86.inc
+
+UBOOT_MACHINE ?= "qemu-x86_64_defconfig"
+
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"
+
+
+MACHINE_FEATURES += "x86 pci"
+MACHINE_FEATURES += "pcbios efi"
+
+MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "v86d"
+
+MACHINE_EXTRA_RDEPENDS += " \
+ edk2-efi-prebuild-fw \
+ "
diff --git a/conf/machine/ledge-stm32mp157c-dk2.conf b/conf/machine/ledge-stm32mp157c-dk2.conf
new file mode 100644
index 0000000..05a7e90
--- /dev/null
+++ b/conf/machine/ledge-stm32mp157c-dk2.conf
@@ -0,0 +1,23 @@
+include conf/machine/include/tune-cortexa7.inc
+
+DEFAULTTUNE = "cortexa7thf-neon-vfpv4"
+
+KERNEL_DEVICETREE = "stm32mp157c-dk2.dtb"
+SERIAL_CONSOLE = "115200 ttySTM0"
+
+MACHINE_FEATURES += "tsn"
+MACHINE_FEATURES += "optee"
+MACHINE_FEATURES += "tpm2"
+MACHINE_FEATURES += "ftpm"
+
+PREFERRED_PROVIDER_virtual/bootloader = "u-boot-ledge"
+UBOOT_CONFIG = "trusted"
+# Define u-boot defconfig and binary to use for each UBOOT_CONFIG
+UBOOT_CONFIG[trusted] = "ledge_stm32mp157c_dk2_trusted_defconfig,,u-boot.stm32"
+
+MACHINE_EXTRA_RDEPENDS += " \
+ optee-os \
+ trusted-firmware-a-ledge \
+ virtual/bootloader \
+ edk2-efi-prebuild-fw \
+ "
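Review bot: The tune file is pulled in with `include` rather than `require` on the first line, so a missing or mis-pathed conf/machine/include/tune-cortexa7.inc is silently ignored and the cortexa7 tune that DEFAULTTUNE names is left undefined; every other machine file in this commit uses `require`. Change it to `require conf/machine/include/tune-cortexa7.inc` so the failure is loud. Listing `virtual/bootloader` in MACHINE_EXTRA_RDEPENDS appears to rely on u-boot-ledge's `RPROVIDES_${PN} += "u-boot virtual/bootloader"`, which works but is unusual for a runtime dependency and deserves a short comment saying so.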
diff --git a/conf/machine/ledge-synquacer.conf b/conf/machine/ledge-synquacer.conf
new file mode 100644
index 0000000..e4a6473
--- /dev/null
+++ b/conf/machine/ledge-synquacer.conf
@@ -0,0 +1,9 @@
+require conf/machine/include/arm/arch-arm64.inc
+
+MACHINE_ENDIANNESS ?= "le"
+
+MACHINE_EXTRA_RDEPENDS += " \
+ edk2-efi-prebuild-fw \
+ "
+
+SERIAL_CONSOLE = "115200 ttyMV0"
diff --git a/conf/machine/ledge-ti-am572x.conf b/conf/machine/ledge-ti-am572x.conf
new file mode 100644
index 0000000..3f52530
--- /dev/null
+++ b/conf/machine/ledge-ti-am572x.conf
@@ -0,0 +1,20 @@
+require conf/machine/am57xx-evm.conf
+
+KERNEL_DEVICETREE = "am572x-idk.dtb"
+
+PREFERRED_PROVIDER_virtual/bootloader = "u-boot-ledge"
+PREFERRED_PROVIDER_u-boot = "u-boot-ledge"
+unset UBOOT_MACHINE
+UBOOT_CONFIG = "trusted"
+UBOOT_CONFIG[trusted] = "ledge-ti-am572x_defconfig,,u-boot.img"
+EXTRA_IMAGEDEPENDS_remove = "u-boot"
+
+MACHINE_EXTRA_RRECOMMENDS = "prueth-fw"
+MACHINE_FEATURES += "tsn"
+
+MACHINE_EXTRA_RDEPENDS += " \
+ edk2-efi-prebuild-fw \
+ "
+
+RDEPENDS_${KERNEL_PACKAGE_NAME}-base_append_ledge-ti-am572x = " prueth-fw"
+FILES_${KERNEL_PACKAGE_NAME}-devicetree_append_ledge-ti-am572x += "/${KERNEL_IMAGEDEST}/*.itb"
diff --git a/recipes-bsp/edk2-efi-prebuild-fw/edk2-efi-prebuild-fw.bb b/recipes-bsp/edk2-efi-prebuild-fw/edk2-efi-prebuild-fw.bb
new file mode 100644
index 0000000..d293f30
--- /dev/null
+++ b/recipes-bsp/edk2-efi-prebuild-fw/edk2-efi-prebuild-fw.bb
@@ -0,0 +1,49 @@
+SUMMARY = "Prebuilt EDK2 Firmware"
+DESCRIPTION = "Package provides prebuilt EDK2 frimware for LEDGE targets."
+HOMEPAGE = "https://retrage.github.io/edk2-nightly/"
+
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+
+ALLOW_EMPTY_${PN} = "1"
+
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/BSD;md5=3775480a712fc46a69647678acb234cb"
+
+# https://retrage.github.io/edk2-nightly/
+PV="edk2-stable202008"
+
+inherit deploy
+
+S = "${WORKDIR}/"
+
+SRC_URI = "\
+ file://RELEASEAARCH64_QEMU_EFI.fd.gz \
+ file://LEDGE_AARCH64_QEMU_VARS.fd.gz \
+ file://RELEASEARM_QEMU_EFI.fd.gz \
+ file://LEDGE_ARM_QEMU_VARS.fd.gz \
+ file://LEDGE_RELEASEX64_OVMF.fd.gz \
+ "
+
+do_deploy() {
+ mkdir -p ${D}/boot/EFI/BOOT
+}
+
+do_deploy_append_ledge-qemuarm64() {
+ dd if=/dev/zero bs=1M count=64 of=${DEPLOYDIR}/firmware.uefi.edk2.bin
+ dd if=${B}/RELEASEAARCH64_QEMU_EFI.fd bs=1M of=${DEPLOYDIR}/firmware.uefi.edk2.bin conv=notrunc
+ install -m 0644 ${B}/LEDGE_AARCH64_QEMU_VARS.fd ${DEPLOYDIR}/LEDGE_AARCH64_QEMU_VARS.bin
+}
+
+do_deploy_append_ledge-qemuarm() {
+ dd if=/dev/zero bs=1M count=64 of=${DEPLOYDIR}/firmware.uefi.edk2.bin
+ dd if=${B}/RELEASEARM_QEMU_EFI.fd bs=1M of=${DEPLOYDIR}/firmware.uefi.edk2.bin conv=notrunc
+ install -m 0644 ${B}/LEDGE_ARM_QEMU_VARS.fd ${DEPLOYDIR}/LEDGE_ARM_QEMU_VARS.bin
+}
+
+do_deploy_append_ledge-qemux86-64() {
+ install -m 0644 ${B}/LEDGE_RELEASEX64_OVMF.fd ${DEPLOYDIR}/firmware.uefi.edk2.bin
+}
+
+addtask deploy after do_install
+
+FILES_${PN} = "/boot/"
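Review bot: The recipe ships five prebuilt firmware images, including the LEDGE_*_VARS variable stores and an OVMF build, with no record of the EDK2 revision, build options or enrolled keys they were produced from; HOMEPAGE points at a nightly-build site and PV is a free-form string, so the binaries that form the root of trust for the QEMU targets cannot be reproduced or audited. Add a comment block above SRC_URI giving the exact edk2 commit/tag, the build command, and how the variable stores were populated (or a script that regenerates them), e.g. `# Built from edk2 <commit> with build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtQemu.dsc -b RELEASE; VARS images carry <keys>`. Separately, do_deploy's `mkdir -p ${D}/boot/EFI/BOOT` writes into ${D} from the deploy task, which `addtask deploy after do_install` orders after install but not relative to do_package; move that line into a `do_install()` so packaging sees a deterministic tree.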
diff --git a/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_AARCH64_QEMU_VARS.fd.gz b/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_AARCH64_QEMU_VARS.fd.gz
new file mode 100644
index 0000000..bdc2df3
--- /dev/null
+++ b/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_AARCH64_QEMU_VARS.fd.gz
Binary files differ
diff --git a/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_ARM_QEMU_VARS.fd.gz b/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_ARM_QEMU_VARS.fd.gz
new file mode 100644
index 0000000..67d3bdb
--- /dev/null
+++ b/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_ARM_QEMU_VARS.fd.gz
Binary files differ
diff --git a/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_RELEASEX64_OVMF.fd.gz b/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_RELEASEX64_OVMF.fd.gz
new file mode 100644
index 0000000..bece937
--- /dev/null
+++ b/recipes-bsp/edk2-efi-prebuild-fw/files/LEDGE_RELEASEX64_OVMF.fd.gz
Binary files differ
diff --git a/recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEAARCH64_QEMU_EFI.fd.gz b/recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEAARCH64_QEMU_EFI.fd.gz
new file mode 100644
index 0000000..30ebeeb
--- /dev/null
+++ b/recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEAARCH64_QEMU_EFI.fd.gz
Binary files differ
diff --git a/recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEARM_QEMU_EFI.fd.gz b/recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEARM_QEMU_EFI.fd.gz
new file mode 100644
index 0000000..3686daa
--- /dev/null
+++ b/recipes-bsp/edk2-efi-prebuild-fw/files/RELEASEARM_QEMU_EFI.fd.gz
Binary files differ
diff --git a/recipes-bsp/trusted-firmware-a/files/0001-plat-qemu-trigger-reboot-with-secure-pl061.patch b/recipes-bsp/trusted-firmware-a/files/0001-plat-qemu-trigger-reboot-with-secure-pl061.patch
new file mode 100644
index 0000000..8a4eecd
--- /dev/null
+++ b/recipes-bsp/trusted-firmware-a/files/0001-plat-qemu-trigger-reboot-with-secure-pl061.patch
@@ -0,0 +1,126 @@
+From 67f3b696dc8e36bad9c9f76edae23ad1f889ad5e Mon Sep 17 00:00:00 2001
+From: Maxim Uvarov <maxim.uvarov@linaro.org>
+Date: Mon, 14 Dec 2020 10:17:44 +0000
+Subject: [PATCH] plat/qemu: trigger reboot with secure pl061
+
+Secure pl061 qemu driver allows to rize the GPIO pin
+from the secure world to reboot and power down
+virtual machine.
+
+Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
+Change-Id: I508d7c5cf4c75cb169b34b00682a76f6761d3869
+---
+ plat/qemu/common/qemu_bl31_setup.c | 8 ++++++++
+ plat/qemu/common/qemu_pm.c | 12 ++++++++++--
+ plat/qemu/qemu/include/platform_def.h | 7 ++++++-
+ plat/qemu/qemu/platform.mk | 2 ++
+ 4 files changed, 26 insertions(+), 3 deletions(-)
+
+diff --git a/plat/qemu/common/qemu_bl31_setup.c b/plat/qemu/common/qemu_bl31_setup.c
+index 4d36b0391..24590f3d3 100644
+--- a/plat/qemu/common/qemu_bl31_setup.c
++++ b/plat/qemu/common/qemu_bl31_setup.c
+@@ -8,6 +8,7 @@
+
+ #include <common/bl_common.h>
+ #include <plat/common/platform.h>
++#include <drivers/arm/pl061_gpio.h>
+
+ #include "qemu_private.h"
+
+@@ -69,9 +70,16 @@ void bl31_plat_arch_setup(void)
+ BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_END);
+ }
+
++static void qemu_gpio_init(void)
++{
++ pl061_gpio_init();
++ pl061_gpio_register(SECURE_GPIO_BASE, 0);
++}
++
+ void bl31_platform_setup(void)
+ {
+ plat_qemu_gic_init();
++ qemu_gpio_init();
+ }
+
+ unsigned int plat_get_syscnt_freq2(void)
+diff --git a/plat/qemu/common/qemu_pm.c b/plat/qemu/common/qemu_pm.c
+index cf800096f..4411fcc3b 100644
+--- a/plat/qemu/common/qemu_pm.c
++++ b/plat/qemu/common/qemu_pm.c
+@@ -12,6 +12,7 @@
+ #include <lib/psci/psci.h>
+ #include <lib/semihosting.h>
+ #include <plat/common/platform.h>
++#include <drivers/gpio.h>
+
+ #include "qemu_private.h"
+
+@@ -201,16 +202,23 @@ void qemu_pwr_domain_suspend_finish(const psci_power_state_t *target_state)
+ /*******************************************************************************
+ * Platform handlers to shutdown/reboot the system
+ ******************************************************************************/
++
+ static void __dead2 qemu_system_off(void)
+ {
++ ERROR("QEMU System Power off: with gpio.\n");
++ gpio_set_direction(SECURE_GPIO_POWEROFF, GPIO_DIR_OUT);
++ gpio_set_value(SECURE_GPIO_POWEROFF, GPIO_LEVEL_HIGH);
++ gpio_set_value(SECURE_GPIO_POWEROFF, GPIO_LEVEL_LOW);
+ semihosting_exit(ADP_STOPPED_APPLICATION_EXIT, 0);
+- ERROR("QEMU System Off: semihosting call unexpectedly returned.\n");
+ panic();
+ }
+
+ static void __dead2 qemu_system_reset(void)
+ {
+- ERROR("QEMU System Reset: operation not handled.\n");
++ ERROR("QEMU System Reset: with gpio.\n");
++ gpio_set_direction(SECURE_GPIO_RESET, GPIO_DIR_OUT);
++ gpio_set_value(SECURE_GPIO_RESET, GPIO_LEVEL_HIGH);
++ gpio_set_value(SECURE_GPIO_RESET, GPIO_LEVEL_LOW);
+ panic();
+ }
+
+diff --git a/plat/qemu/qemu/include/platform_def.h b/plat/qemu/qemu/include/platform_def.h
+index ed4b748af..c51668808 100644
+--- a/plat/qemu/qemu/include/platform_def.h
++++ b/plat/qemu/qemu/include/platform_def.h
+@@ -81,6 +81,11 @@
+ #define SEC_DRAM_BASE 0x0e100000
+ #define SEC_DRAM_SIZE 0x00f00000
+
++#define SECURE_GPIO_BASE 0x090b0000
++#define SECURE_GPIO_SIZE 0x00001000
++#define SECURE_GPIO_POWEROFF 0
++#define SECURE_GPIO_RESET 1
++
+ /* Load pageable part of OP-TEE 2MB above secure DRAM base */
+ #define QEMU_OPTEE_PAGEABLE_LOAD_BASE (SEC_DRAM_BASE + 0x00200000)
+ #define QEMU_OPTEE_PAGEABLE_LOAD_SIZE 0x00400000
+@@ -202,7 +207,7 @@
+ #define DEVICE0_BASE 0x08000000
+ #define DEVICE0_SIZE 0x01000000
+ #define DEVICE1_BASE 0x09000000
+-#define DEVICE1_SIZE 0x00041000
++#define DEVICE1_SIZE 0x00c00000
+
+ /*
+ * GIC related constants
+diff --git a/plat/qemu/qemu/platform.mk b/plat/qemu/qemu/platform.mk
+index 14bf049be..88a95c800 100644
+--- a/plat/qemu/qemu/platform.mk
++++ b/plat/qemu/qemu/platform.mk
+@@ -163,6 +163,8 @@ BL31_SOURCES += lib/cpus/aarch64/aem_generic.S \
+ lib/semihosting/semihosting.c \
+ lib/semihosting/${ARCH}/semihosting_call.S \
+ plat/common/plat_psci_common.c \
++ drivers/arm/pl061/pl061_gpio.c \
++ drivers/gpio/gpio.c \
+ ${PLAT_QEMU_COMMON_PATH}/qemu_pm.c \
+ ${PLAT_QEMU_COMMON_PATH}/topology.c \
+ ${PLAT_QEMU_COMMON_PATH}/aarch64/plat_helpers.S \
+--
+2.17.1
+
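Review bot: The patch widens `DEVICE1_SIZE` from 0x00041000 to 0x00c00000 so that the secure pl061 at 0x090b0000 falls inside the EL3 device mapping, which maps roughly 12 MiB of the QEMU virt peripheral space into the secure monitor when a single 4 KiB page is needed; `SECURE_GPIO_SIZE` is defined for exactly that purpose but never used. If the platform mmap table has room for one more entry, a dedicated `MAP_REGION_FLAT(SECURE_GPIO_BASE, SECURE_GPIO_SIZE, MT_DEVICE | MT_RW | MT_SECURE)` keeps the EL3 MMIO window minimal (the mmap table itself is outside this hunk, so confirm against the platform's common setup file). Also qemu_system_off now pulses the GPIO and still falls through to `semihosting_exit()` and `panic()`, and both handlers log a normal shutdown/reset at ERROR level (`ERROR("QEMU System Power off: with gpio.\n")`); INFO or NOTICE would be the appropriate level for the expected path.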
diff --git a/recipes-bsp/trusted-firmware-a/trusted-firmware-a-ledge_git.bb b/recipes-bsp/trusted-firmware-a/trusted-firmware-a-ledge_git.bb
new file mode 100644
index 0000000..3bd3cc1
--- /dev/null
+++ b/recipes-bsp/trusted-firmware-a/trusted-firmware-a-ledge_git.bb
@@ -0,0 +1,173 @@
+SUMMARY = "ARM Trusted Firmware"
+DESCRIPTION = "ARM Trusted Firmware provides a reference implementation of \
+Secure World software for ARMv8-A, including Exception Level 3 (EL3) software. \
+It provides implementations of various ARM interface standards such as the \
+Power State Coordination Interface (PSCI), Trusted Board Boot Requirements \
+(TBBR) and Secure monitor code."
+HOMEPAGE = "http://infocenter.arm.com/help/topic/com.arm.doc.dui0928e/CJHIDGJF.html"
+
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://license.rst;md5=1dd070c98a281d18d9eefd938729b031"
+
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+
+PV = "2.4"
+
+SRC_URI = "git://github.com/ARM-software/arm-trusted-firmware.git;protocol=https;nobranch=1"
+SRCREV = "e2c509a39c6cc4dda8734e6509cdbe6e3603cdfc"
+
+SRC_URI += "file://0001-plat-qemu-trigger-reboot-with-secure-pl061.patch"
+
+ALLOW_EMPTY_${PN} = "1"
+
+S = "${WORKDIR}/git"
+B = "${WORKDIR}/build"
+
+inherit deploy
+
+DEPENDS += "dtc-native"
+DEPENDS_ledge-qemuarm += " optee-os virtual/bootloader "
+DEPENDS_ledge-qemuarm64 += " optee-os virtual/bootloader "
+
+# ledge-stm32mp157c-dk2 specific
+TF_A_PLATFORM_ledge-stm32mp157c-dk2 = "stm32mp1"
+TF_A_DEVICETREE_ledge-stm32mp157c-dk2 = "stm32mp157c-dk2"
+
+# ledge-qemuarm specific
+TF_A_PLATFORM_ledge-qemuarm = "qemu"
+
+# ledge-qemuarm64 specific
+TF_A_PLATFORM_ledge-qemuarm64 = "qemu"
+
+# Extra make settings
+EXTRA_OEMAKE = ' CROSS_COMPILE=${TARGET_PREFIX} '
+EXTRA_OEMAKE += ' PLAT=${TF_A_PLATFORM} '
+EXTRA_OEMAKE_append_armv7a = ' ARCH=aarch32 ARM_ARCH_MAJOR=7 '
+EXTRA_OEMAKE_append_armv7ve = ' ARCH=aarch32 ARM_ARCH_MAJOR=7 '
+EXTRA_OEMAKE_append_ledge-stm32mp157c-dk2 = "AARCH32_SP=optee STM32MP_SDMMC=1 STM32MP_EMMC=1"
+EXTRA_OEMAKE_append_ledge-qemuarm = ' AARCH32_SP=optee ARM_TSP_RAM_LOCATION=tdram BL32_RAM_LOCATION=tdram '
+EXTRA_OEMAKE_append_aarch64 = "${@bb.utils.contains('MACHINE_FEATURES', 'optee', ' SPD=opteed ', '', d)}"
+
+# FIP image
+EXTRA_OEMAKE_append_ledge-qemuarm = 'BL32=${STAGING_DIR_TARGET}/lib/firmware/tee-header_v2.bin BL32_EXTRA1=${STAGING_DIR_TARGET}/lib/firmware/tee-pager_v2.bin BL32_EXTRA2=${STAGING_DIR_TARGET}/lib/firmware/tee-pageable_v2.bin BL33=${DEPLOY_DIR_IMAGE}/u-boot.bin fip GENERATE_COT=1 BL32_RAM_LOCATION=tdram '
+EXTRA_OEMAKE_append_ledge-qemuarm64 = 'BL32=${STAGING_DIR_TARGET}/lib/firmware/tee-header_v2.bin BL32_EXTRA1=${STAGING_DIR_TARGET}/lib/firmware/tee-pager_v2.bin BL32_EXTRA2=${STAGING_DIR_TARGET}/lib/firmware/tee-pageable_v2.bin BL33=${DEPLOY_DIR_IMAGE}/u-boot.bin fip GENERATE_COT=1 BL32_RAM_LOCATION=tdram '
+
+# Debug support
+EXTRA_OEMAKE += 'DEBUG=1'
+EXTRA_OEMAKE += "LOG_LEVEL=40"
+
+CFLAGS[unexport] = "1"
+LDFLAGS[unexport] = "1"
+AS[unexport] = "1"
+LD[unexport] = "1"
+
+do_configure[noexec] = "1"
+
+do_compile() {
+ oe_runmake -C ${S} BUILD_PLAT=${B}/${config} all
+}
+do_compile_ledge-stm32mp157c-dk2() {
+ if [ -n "${TF_A_DEVICETREE}" ]; then
+ for dt in ${TF_A_DEVICETREE}; do
+ oe_runmake -C ${S} DTB_FILE_NAME=${dt}.dtb BUILD_PLAT=${B} all
+ done
+ else
+ oe_runmake -C ${S} BUILD_PLAT=${B} all
+ fi
+}
+
+do_install() {
+ install -d ${D}/boot
+ if [ -f ${B}/bl1.bin ] ; then
+ install -m 0644 ${B}/bl1.bin ${D}/boot/
+ install -m 0644 ${B}/bl1/bl1.elf ${D}/boot/
+ fi
+ if [ -f ${B}/bl2.bin ] ; then
+ install -m 0644 ${B}/bl2.bin ${D}/boot/
+ install -m 0644 ${B}/bl2/bl2.elf ${D}/boot/
+ fi
+ if [ -f ${B}/bl3.bin ] ; then
+ install -m 0644 ${B}/bl3.bin ${D}/boot/
+ install -m 0644 ${B}/bl3/bl3.elf ${D}/boot/
+ fi
+ if [ -f ${B}/bl31.bin ] ; then
+ install -m 0644 ${B}/bl31.bin ${D}/boot/
+ install -m 0644 ${B}/bl31/bl31.elf ${D}/boot/
+ fi
+ if [ -f ${B}/bl33.bin ] ; then
+ install -m 0644 ${B}/bl32.bin ${D}/boot/
+ install -m 0644 ${B}/bl32/bl32.elf ${D}/boot/
+ fi
+}
+
+do_install_ledge-qemuarm() {
+ echo "nothing"
+}
+
+do_install_ledge-qemuarm64() {
+ echo "nothing"
+}
+
+do_deploy() {
+ install -d ${DEPLOYDIR}/arm-trusted-firmware
+ if [ -f ${B}/bl1.bin ] ; then
+ install -m 0644 ${B}/bl1.bin ${DEPLOYDIR}/arm-trusted-firmware/
+ install -m 0644 ${B}/bl1/bl1.elf ${DEPLOYDIR}/arm-trusted-firmware/
+ fi
+ if [ -f ${B}/bl2.bin ] ; then
+ install -m 0644 ${B}/bl2.bin ${DEPLOYDIR}/arm-trusted-firmware/
+ install -m 0644 ${B}/bl2/bl2.elf ${DEPLOYDIR}/arm-trusted-firmware/
+ fi
+ if [ -f ${B}/bl3.bin ] ; then
+ install -m 0644 ${B}/bl3.bin ${DEPLOYDIR}/arm-trusted-firmware/
+ install -m 0644 ${B}/bl3/bl3.elf ${DEPLOYDIR}/arm-trusted-firmware/
+ fi
+ if [ -f ${B}/bl31.bin ] ; then
+ install -m 0644 ${B}/bl31.bin ${DEPLOYDIR}/arm-trusted-firmware/
+ install -m 0644 ${B}/bl31/bl31.elf ${DEPLOYDIR}/arm-trusted-firmware/
+ fi
+ if [ -f ${B}/bl33.bin ] ; then
+ install -m 0644 ${B}/bl32.bin ${DEPLOYDIR}/arm-trusted-firmware/
+ install -m 0644 ${B}/bl32/bl32.elf ${DEPLOYDIR}/arm-trusted-firmware/
+ fi
+
+ if [ -f ${B}/fip.bin ] ; then
+ install -m 0644 ${B}/fip.bin ${DEPLOYDIR}/
+ dd if=/dev/zero of=${DEPLOYDIR}/firmware.uefi.uboot.bin count=131072
+ dd if=${B}/bl1.bin of=${DEPLOYDIR}/firmware.uefi.uboot.bin bs=4096 conv=notrunc
+ dd if=${B}/fip.bin of=${DEPLOYDIR}/firmware.uefi.uboot.bin seek=64 bs=4096 conv=notrunc
+ ln -sf firmware.uefi.uboot.bin ${DEPLOYDIR}/firmware.bin
+ fi
+}
+
+do_deploy_append_ledge-qemuarm() {
+ cd ${DEPLOYDIR}
+ ln -sf arm-trusted-firmware/bl1.bin bl1.bin
+ ln -sf arm-trusted-firmware/bl2.bin bl2.bin
+ cd -
+}
+
+do_deploy_append_ledge-qemuarm64() {
+ cd ${DEPLOYDIR}
+ ln -sf arm-trusted-firmware/bl1.bin bl1.bin
+ ln -sf arm-trusted-firmware/bl2.bin bl2.bin
+ ln -sf arm-trusted-firmware/bl31.bin bl31.bin
+ cd -
+}
+
+do_deploy_append_ledge-stm32mp157c-dk2() {
+ if [ -n "${TF_A_DEVICETREE}" ]; then
+ for dt in ${TF_A_DEVICETREE}; do
+ install -m 644 ${B}/tf-a-${dt}.stm32 ${DEPLOYDIR}/arm-trusted-firmware/
+ done
+ else
+ # Get tf-a binary basename to copy
+ tf_a_binary_basename=$(find ${B}/ -name "tf-a-*.stm32" -exec basename {} \; | sed 's|\.stm32||g')
+ install -m 644 ${B}/${tf_a_binary_basename}.stm32 ${DEPLOYDIR}/arm-trusted-firmware/
+ fi
+}
+
+addtask deploy before do_build after do_compile
+
+FILES_${PN} = "/boot"
+
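Review bot: Both do_install and do_deploy guard the bl32 copy with `if [ -f ${B}/bl33.bin ] ; then`, so bl32.bin and bl32.elf are never installed because nothing in this recipe produces a bl33.bin in ${B}; the test should be `if [ -f ${B}/bl32.bin ] ; then`. Separately, `EXTRA_OEMAKE += 'DEBUG=1'` together with `LOG_LEVEL=40` is unconditional, so the EL3 firmware built for every machine is a debug build with verbose logging; gate these on a build-type variable or drop them for release images. The QEMU FIP is built with `GENERATE_COT=1` but, as far as this recipe shows, without `TRUSTED_BOARD_BOOT=1` or a `ROT_KEY`, which would leave the certificates generated with a key created at build time and not enforced by BL1/BL2 — if trusted boot is intended, pass both and document where the root-of-trust key is kept; if not, drop GENERATE_COT so the FIP does not imply a verified chain of trust.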
diff --git a/recipes-bsp/u-boot/u-boot-ledge.bb b/recipes-bsp/u-boot/u-boot-ledge.bb
new file mode 100644
index 0000000..4e75333
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge.bb
@@ -0,0 +1,117 @@
+HOMEPAGE = "http://www.denx.de/wiki/U-Boot/WebHome"
+SECTION = "bootloaders"
+DEPENDS += "flex-native bison-native"
+
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://Licenses/README;md5=5a7450c57ffe5ae63fd732446b988025"
+PE = "1"
+
+# We use the revision in order to avoid having to fetch it from the
+# repo during parse
+
+PV = "2021.01"
+
+SRC_URI = "git://git.denx.de/u-boot.git"
+SRCREV = "c4fddedc48f336eabc4ce3f74940e6aa372de18c"
+
+SRC_URI += " \
+ file://0000-ti-am572x-enable-boot_distrocmd.patch \
+ file://0001-stm32mp-update-MMU-config-before-the-relocation.patch \
+ file://0002-stm32mp-update-the-mmu-configuration-for-SPL-and-pre.patch \
+ file://0003-arm-remove-TTB_SECT_XN_MASK-in-DCACHE_WRITETHROUGH.patch \
+ file://0004-arm-cosmetic-align-TTB_SECT-define-value.patch \
+ file://0005-arm-cp15-update-DACR-value-to-activate-access-contro.patch \
+ file://0006-arm-omap2-remove-arm_init_domains.patch \
+ file://0007-arm-cp15-remove-weak-function-arm_init_domains.patch \
+ file://0008-arm-remove-set_dacr-get_dacr-functions.patch \
+ file://0009-tpm2-Introduce-TIS-tpm-core.patch \
+ file://0010-tpm2-Add-a-TPMv2-MMIO-TIS-driver.patch \
+ file://ledge_stm32mp157c_dk2_trusted_defconfig \
+ file://ubootefi.var \
+ "
+
+S = "${WORKDIR}/git"
+B = "${WORKDIR}/build"
+
+SRC_URI_append_ledge-qemuarm = " file://ledge-qemuarm_defconfig"
+SRC_URI_append_ledge-qemuarm64 = " file://ledge-qemuarm64_defconfig"
+SRC_URI_append_ledge-ti-am572x = " file://ledge-ti-am572x_defconfig"
+
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+
+require recipes-bsp/u-boot/u-boot.inc
+PROVIDES += "u-boot virtual/bootloader"
+RPROVIDES_${PN} += "u-boot virtual/bootloader"
+
+DEPENDS += "bc-native dtc-native"
+
+do_configure_prepend() {
+ for conf in ${UBOOT_MACHINE};
+ do
+ if [ -f ${WORKDIR}/$conf ] ;
+ then
+ cp ${WORKDIR}/$conf ${S}/configs/
+ fi
+ done
+ cp ${WORKDIR}/ubootefi.var ${S}/
+}
+
+# -----------------------------------------------------------------------------
+# Append deploy to handle specific device tree binary deployement
+#
+SPL_BINARY_LEDGE_ledge-stm32mp157c-dk2 = "spl/u-boot-spl.stm32"
+do_deploy_append() {
+if [ -n "${SPL_BINARY_LEDGE}" ]; then
+ # Clean deploydir from any available binary first
+ # This allows to only install the devicetree binary ones
+ rm -rf ${DEPLOYDIR}
+
+ # Install destination folder
+ install -d ${DEPLOYDIR}
+
+ if [ -n "${UBOOT_CONFIG}" ]; then
+ unset i j k
+ for config in ${UBOOT_MACHINE}; do
+ i=$(expr $i + 1);
+ for type in ${UBOOT_CONFIG}; do
+ j=$(expr $j + 1);
+ if [ $j -eq $i ]; then
+ for binary in ${UBOOT_BINARIES}; do
+ binarysuffix=$(echo ${binary} | cut -d'.' -f2)
+ k=$(expr $k + 1);
+ if [ $k -eq $i ]; then
+ if [ -f ${B}/${config}/${binary} ];
+ then
+ install -m 644 ${B}/${config}/${binary} ${DEPLOYDIR}/u-boot-${type}.${binarysuffix}
+ fi
+ # As soon as SPL binary exists, install it
+ # This allow to mix u-boot configuration, with and without SPL
+ if [ -f ${B}/${config}/${SPL_BINARY_LEDGE} ]; then
+ install -d ${DEPLOYDIR}/spl
+ install -m 644 ${B}/${config}/${SPL_BINARY_LEDGE} ${DEPLOYDIR}/${SPL_BINARY_LEDGE}-${type}
+ fi
+ fi
+ done
+ unset k
+ fi
+ done
+ unset j
+ done
+ unset i
+ else
+ bbfatal "Wrong u-boot-ledge configuration: please make sure to use UBOOT_CONFIG through BOOTSCHEME_LABELS config"
+ fi
+fi
+}
+do_deploy_append_ledge-qemuarm() {
+ cd ${DEPLOYDIR}
+ ln -sf u-boot-ledge-qemuarm.bin bl33.bin
+ cd -
+}
+
+do_deploy_append_ledge-qemuarm64() {
+ cd ${DEPLOYDIR}
+ ln -sf u-boot-ledge-qemuarm64.bin bl33.bin
+ cd -
+}
+
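Review bot: `SRC_URI = "git://git.denx.de/u-boot.git"` fetches over the unauthenticated git:// transport; the pinned SRCREV still binds the checkout to one commit, but the TF-A recipe in this same commit uses `protocol=https` and the two should agree: `SRC_URI = "git://git.denx.de/u-boot.git;protocol=https;nobranch=1"`. The prebuilt `ubootefi.var` copied into ${S} by do_configure_prepend is a binary UEFI variable store with no description of its contents (boot entries, Secure Boot PK/KEK/db?), so add a comment stating what it holds and how it was generated. Also `rm -rf ${DEPLOYDIR}` in do_deploy_append discards everything deploy.bbclass and u-boot.inc already placed there; guard it with a non-empty check on DEPLOYDIR and comment why a full wipe is required rather than removing specific files.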
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0000-ti-am572x-enable-boot_distrocmd.patch b/recipes-bsp/u-boot/u-boot-ledge/0000-ti-am572x-enable-boot_distrocmd.patch
new file mode 100644
index 0000000..a79164b
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0000-ti-am572x-enable-boot_distrocmd.patch
@@ -0,0 +1,73 @@
+From e4eeb6f219b54b5fab87eb61384154b5afb5034e Mon Sep 17 00:00:00 2001
+From: Christophe Priouzeau <christophe.priouzeau@st.com>
+Date: Tue, 26 May 2020 14:42:17 +0200
+Subject: [PATCH 5/5] ti: am572x enable boot_distrocmd
+
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ include/configs/am57xx_evm.h | 9 +++++++++
+ include/configs/ti_omap5_common.h | 1 +
+ include/environment/ti/boot.h | 8 ++++++++
+ 3 files changed, 18 insertions(+)
+
+diff --git a/include/configs/am57xx_evm.h b/include/configs/am57xx_evm.h
+index c47ffccff1..26a4438db7 100644
+--- a/include/configs/am57xx_evm.h
++++ b/include/configs/am57xx_evm.h
+@@ -43,6 +43,15 @@
+ #endif
+ #endif
+
++#ifdef CONFIG_DISTRO_DEFAULTS
++#define BOOT_TARGET_DEVICES(func) \
++ func(MMC, mmc, 0) \
++ func(MMC, mmc, 1) \
++ func(USB, usb, 0)
++
++#include <config_distro_bootcmd.h>
++#endif
++
+ #include <configs/ti_omap5_common.h>
+
+ /* Enhance our eMMC support / experience. */
+diff --git a/include/configs/ti_omap5_common.h b/include/configs/ti_omap5_common.h
+index de0a6af2fd..d44690fb3a 100644
+--- a/include/configs/ti_omap5_common.h
++++ b/include/configs/ti_omap5_common.h
+@@ -67,6 +67,7 @@
+ DFUARGS \
+ NETARGS \
+ NANDARGS \
++ BOOTENV \
+
+ /*
+ * SPL related defines. The Public RAM memory map the ROM defines the
+diff --git a/include/environment/ti/boot.h b/include/environment/ti/boot.h
+index a9d8f28d46..0b9588e1dd 100644
+--- a/include/environment/ti/boot.h
++++ b/include/environment/ti/boot.h
+@@ -222,6 +222,7 @@
+ "if test $fdtfile = undefined; then " \
+ "echo WARNING: Could not determine device tree to use; fi; \0"
+
++#ifndef CONFIG_BOOTCOMMAND
+ #define CONFIG_BOOTCOMMAND \
+ "if test ${dofastboot} -eq 1; then " \
+ "echo Boot fastboot requested, resetting dofastboot ...;" \
+@@ -237,6 +238,13 @@
+ "run emmc_linux_boot; " \
+ "run emmc_android_boot; " \
+ ""
++#else
++#undef CONFIG_BOOTCOMMAND
++/* hack, ideally we should configure the CONFIG_BOOTCOMMAND from .config */
++#define CONFIG_BOOTCOMMAND \
++ "run findfdt; " \
++ "run distro_bootcmd"
++#endif
+
+ #endif /* CONFIG_OMAP54XX */
+
+--
+2.17.1
+
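Review bot: `BOOT_TARGET_DEVICES` now includes `func(USB, usb, 0)`, so distro_bootcmd will scan and boot from any attached USB mass-storage device once both MMC slots fail; on a board positioned as a trusted substrate that is an unattended boot path from removable media unless the EFI loader path verifies what it loads, which this patch does not show. If USB boot is only for development, drop it from the list or add a comment stating that UEFI Secure Boot (or another signature check) is what gates it. The `#undef CONFIG_BOOTCOMMAND` block calls itself a hack; a comment naming the Kconfig option that should eventually replace it would help the next maintainer.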
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0001-stm32mp-update-MMU-config-before-the-relocation.patch b/recipes-bsp/u-boot/u-boot-ledge/0001-stm32mp-update-MMU-config-before-the-relocation.patch
new file mode 100644
index 0000000..6c312f5
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0001-stm32mp-update-MMU-config-before-the-relocation.patch
@@ -0,0 +1,61 @@
+From ab26c82c95f64bb7aeb31f90f9aa6a82f78e331f Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:32 +0100
+Subject: [PATCH 1/8] stm32mp: update MMU config before the relocation
+
+Mark the top of ram, used for relocated U-Boot as a normal memory
+(cacheable and executable) to avoid permission access issue when
+U-Boot jumps to this relocated code.
+
+When MMU is activated in pre-reloc stage; only the beginning of
+DDR is marked executable.
+
+This patch avoids access issue when DACR is correctly managed.
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/mach-stm32mp/dram_init.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/arch/arm/mach-stm32mp/dram_init.c b/arch/arm/mach-stm32mp/dram_init.c
+index 0e8ce63f4a29..6fddde3738d7 100644
+--- a/arch/arm/mach-stm32mp/dram_init.c
++++ b/arch/arm/mach-stm32mp/dram_init.c
+@@ -10,6 +10,7 @@
+ #include <lmb.h>
+ #include <log.h>
+ #include <ram.h>
++#include <asm/system.h>
+
+ DECLARE_GLOBAL_DATA_PTR;
+
+@@ -38,6 +39,7 @@ int dram_init(void)
+
+ ulong board_get_usable_ram_top(ulong total_size)
+ {
++ phys_size_t size;
+ phys_addr_t reg;
+ struct lmb lmb;
+
+@@ -45,10 +47,13 @@ ulong board_get_usable_ram_top(ulong total_size)
+ lmb_init(&lmb);
+ lmb_add(&lmb, gd->ram_base, gd->ram_size);
+ boot_fdt_add_mem_rsv_regions(&lmb, (void *)gd->fdt_blob);
+- reg = lmb_alloc(&lmb, CONFIG_SYS_MALLOC_LEN + total_size, SZ_4K);
++ size = ALIGN(CONFIG_SYS_MALLOC_LEN + total_size, MMU_SECTION_SIZE),
++ reg = lmb_alloc(&lmb, size, MMU_SECTION_SIZE);
+
+- if (reg)
+- return ALIGN(reg + CONFIG_SYS_MALLOC_LEN + total_size, SZ_4K);
++ if (!reg)
++ reg = gd->ram_top - size;
+
+- return gd->ram_top;
++ mmu_set_region_dcache_behaviour(reg, size, DCACHE_DEFAULT_OPTION);
++
++ return reg + size;
+ }
+--
+2.30.1
+
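Review bot: The new `size = ALIGN(CONFIG_SYS_MALLOC_LEN + total_size, MMU_SECTION_SIZE),` line ends in a comma, turning it and the following `reg = lmb_alloc(...)` into a single comma expression; it compiles and evaluates left-to-right, but it reads as a typo and should be terminated with `;`. Also the fallback `reg = gd->ram_top - size;` taken when lmb_alloc returns 0 places the relocated U-Boot at the top of RAM without consulting the FDT reserved regions registered just above, which is presumably acceptable on this platform but deserves a one-line comment such as `/* no free region found: fall back to top of RAM, ignoring FDT reservations */`.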
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0002-stm32mp-update-the-mmu-configuration-for-SPL-and-pre.patch b/recipes-bsp/u-boot/u-boot-ledge/0002-stm32mp-update-the-mmu-configuration-for-SPL-and-pre.patch
new file mode 100644
index 0000000..c654b73
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0002-stm32mp-update-the-mmu-configuration-for-SPL-and-pre.patch
@@ -0,0 +1,85 @@
+From da4ef041c103f507a02c86c371afcccddca17deb Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:33 +0100
+Subject: [PATCH 2/8] stm32mp: update the mmu configuration for SPL and
+ prereloc
+
+Overidde the weak function dram_bank_mmu_setup() to set the DDR
+(preloc case) or the SYSRAM (in SPL case) executable before to enable
+the MMU and configure DACR.
+
+This weak function is called in dcache_enable/mmu_setup.
+
+This patchs avoids a permission access issue when the DDR is marked
+executable (by calling mmu_set_region_dcache_behaviour with
+DCACHE_DEFAULT_OPTION) after MMU setup and domain access permission
+activation with DACR in dcache_enable.
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/mach-stm32mp/cpu.c | 40 +++++++++++++++++++++++++++----------
+ 1 file changed, 30 insertions(+), 10 deletions(-)
+
+diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c
+index 1520c6eaed6f..4b437dff9e7b 100644
+--- a/arch/arm/mach-stm32mp/cpu.c
++++ b/arch/arm/mach-stm32mp/cpu.c
+@@ -207,6 +207,35 @@ u32 get_bootmode(void)
+ TAMP_BOOT_MODE_SHIFT;
+ }
+
++/*
++ * weak function overidde: set the DDR/SYSRAM executable before to enable the
++ * MMU and configure DACR, for early early_enable_caches (SPL or pre-reloc)
++ */
++void dram_bank_mmu_setup(int bank)
++{
++ struct bd_info *bd = gd->bd;
++ int i;
++ phys_addr_t start;
++ phys_size_t size;
++
++ if (IS_ENABLED(CONFIG_SPL_BUILD)) {
++ start = ALIGN_DOWN(STM32_SYSRAM_BASE, MMU_SECTION_SIZE);
++ size = ALIGN(STM32_SYSRAM_SIZE, MMU_SECTION_SIZE);
++ } else if (gd->flags & GD_FLG_RELOC) {
++ /* bd->bi_dram is available only after relocation */
++ start = bd->bi_dram[bank].start;
++ size = bd->bi_dram[bank].size;
++ } else {
++ /* mark cacheable and executable the beggining of the DDR */
++ start = STM32_DDR_BASE;
++ size = CONFIG_DDR_CACHEABLE_SIZE;
++ }
++
++ for (i = start >> MMU_SECTION_SHIFT;
++ i < (start >> MMU_SECTION_SHIFT) + (size >> MMU_SECTION_SHIFT);
++ i++)
++ set_section_dcache(i, DCACHE_DEFAULT_OPTION);
++}
+ /*
+ * initialize the MMU and activate cache in SPL or in U-Boot pre-reloc stage
+ * MMU/TLB is updated in enable_caches() for U-Boot after relocation
+@@ -222,17 +251,8 @@ static void early_enable_caches(void)
+ gd->arch.tlb_size = PGTABLE_SIZE;
+ gd->arch.tlb_addr = (unsigned long)&early_tlb;
+
++ /* enable MMU (default configuration) */
+ dcache_enable();
+-
+- if (IS_ENABLED(CONFIG_SPL_BUILD))
+- mmu_set_region_dcache_behaviour(
+- ALIGN_DOWN(STM32_SYSRAM_BASE, MMU_SECTION_SIZE),
+- ALIGN(STM32_SYSRAM_SIZE, MMU_SECTION_SIZE),
+- DCACHE_DEFAULT_OPTION);
+- else
+- mmu_set_region_dcache_behaviour(STM32_DDR_BASE,
+- CONFIG_DDR_CACHEABLE_SIZE,
+- DCACHE_DEFAULT_OPTION);
+ }
+
+ /*
+--
+2.30.1
+
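Review bot: The pre-relocation branch of dram_bank_mmu_setup() uses the DDR window size unaligned (`size = CONFIG_DDR_CACHEABLE_SIZE;`) while the SPL branch rounds SYSRAM up to MMU_SECTION_SIZE, and because the section loop then computes `size >> MMU_SECTION_SHIFT`, any part of CONFIG_DDR_CACHEABLE_SIZE below a section boundary is silently left unmapped rather than rounded up as the replaced mmu_set_region_dcache_behaviour() call presumably did; `size = ALIGN(CONFIG_DDR_CACHEABLE_SIZE, MMU_SECTION_SIZE);` keeps the two branches consistent. The header comment should also be explicit about what this override gives up, since it marks the whole SYSRAM or DDR window (or, after relocation, the whole DRAM bank) cacheable and executable before the MMU and DACR are turned on, e.g. `/* Weak override: map SYSRAM (SPL), the DDR window (pre-reloc) or the DRAM bank (post-reloc) cacheable and executable before the MMU and DACR are enabled, so relocated code can run once XN is enforced. */`, and the typos "overidde", "beggining" and "before to enable" should be fixed while at it. early_enable_caches() starts outside the hunk.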
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0003-arm-remove-TTB_SECT_XN_MASK-in-DCACHE_WRITETHROUGH.patch b/recipes-bsp/u-boot/u-boot-ledge/0003-arm-remove-TTB_SECT_XN_MASK-in-DCACHE_WRITETHROUGH.patch
new file mode 100644
index 0000000..358f4d4
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0003-arm-remove-TTB_SECT_XN_MASK-in-DCACHE_WRITETHROUGH.patch
@@ -0,0 +1,31 @@
+From ed5bef4fd9e7ce29bd98e025fa05fd4d5d077879 Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:34 +0100
+Subject: [PATCH 3/8] arm: remove TTB_SECT_XN_MASK in DCACHE_WRITETHROUGH
+
+The normal memory (other that DCACHE_OFF) should be executable by default,
+only the device memory (DCACHE_OFF) used for peripheral access should have
+the bit execute never (TTB_SECT_XN_MASK).
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/include/asm/system.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/arm/include/asm/system.h b/arch/arm/include/asm/system.h
+index ce552944b701..abe9244cd048 100644
+--- a/arch/arm/include/asm/system.h
++++ b/arch/arm/include/asm/system.h
+@@ -489,7 +489,7 @@ enum dcache_option {
+ */
+ enum dcache_option {
+ DCACHE_OFF = TTB_SECT_DOMAIN(0) | TTB_SECT_XN_MASK | TTB_SECT,
+- DCACHE_WRITETHROUGH = DCACHE_OFF | TTB_SECT_C_MASK,
++ DCACHE_WRITETHROUGH = TTB_SECT_DOMAIN(0) | TTB_SECT | TTB_SECT_C_MASK,
+ DCACHE_WRITEBACK = DCACHE_WRITETHROUGH | TTB_SECT_B_MASK,
+ DCACHE_WRITEALLOC = DCACHE_WRITEBACK | TTB_SECT_TEX(1),
+ };
+--
+2.30.1
+
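Review bot: Removing TTB_SECT_XN_MASK from DCACHE_WRITETHROUGH also removes it from DCACHE_WRITEBACK and DCACHE_WRITEALLOC, which are derived from it, so after this change every cacheable option maps memory executable and only DCACHE_OFF keeps execute-never; that is the stated intent, but it is an architecture-wide relaxation and the enum's comment should say so, e.g. `/* Only DCACHE_OFF (device memory) is execute-never; all cacheable options are executable. Boards that want non-executable RAM must OR in TTB_SECT_XN_MASK explicitly. */`. Any caller that stripped XN by hand — the `DCACHE_WRITEBACK & ~TTB_SECT_XN_MASK` policy visible in the omap2 context of patch 0006 — presumably becomes a no-op and could be simplified. Because patch 0005 switches DACR to client mode, these permission bits start being checked by the MMU, so the two changes should be read together when auditing which regions end up executable.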
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0004-arm-cosmetic-align-TTB_SECT-define-value.patch b/recipes-bsp/u-boot/u-boot-ledge/0004-arm-cosmetic-align-TTB_SECT-define-value.patch
new file mode 100644
index 0000000..34675c0
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0004-arm-cosmetic-align-TTB_SECT-define-value.patch
@@ -0,0 +1,29 @@
+From 6f15b5d39fa4dc9db6bce3aeb0dd74eb7bcfbf78 Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:35 +0100
+Subject: [PATCH 4/8] arm: cosmetic: align TTB_SECT define value
+
+Align TTB_SECT define value with previous value.
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/include/asm/system.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/arm/include/asm/system.h b/arch/arm/include/asm/system.h
+index abe9244cd048..db5a19b17c19 100644
+--- a/arch/arm/include/asm/system.h
++++ b/arch/arm/include/asm/system.h
+@@ -475,7 +475,7 @@ enum dcache_option {
+ #define TTB_SECT_XN_MASK (1 << 4)
+ #define TTB_SECT_C_MASK (1 << 3)
+ #define TTB_SECT_B_MASK (1 << 2)
+-#define TTB_SECT (2 << 0)
++#define TTB_SECT (2 << 0)
+
+ /*
+ * Short-descriptor format memory region attributes, without TEX remap
+--
+2.30.1
+
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0005-arm-cp15-update-DACR-value-to-activate-access-contro.patch b/recipes-bsp/u-boot/u-boot-ledge/0005-arm-cp15-update-DACR-value-to-activate-access-contro.patch
new file mode 100644
index 0000000..04f55e5
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0005-arm-cp15-update-DACR-value-to-activate-access-contro.patch
@@ -0,0 +1,52 @@
+From 8d0dfc60d6c9355c05864fda3e1403cf0c02e1d1 Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:36 +0100
+Subject: [PATCH 5/8] arm: cp15: update DACR value to activate access control
+
+Update the initial value of Domain Access Control Register (DACR)
+and set by default the access permission to client (DACR_Dn_CLIENT = 1U)
+for each of the 16 domains and no more to all-supervisor
+(DACR_Dn_MANAGER = 3U).
+
+This patch allows to activate the domain checking in MMU against the
+permission bits in the translation tables and avoids prefetching issue
+on ARMv7 [1].
+
+Today it was already done for OMAP2 architecture
+./arch/arm/mach-omap2/omap-cache.c::arm_init_domains
+introduced by commit de63ac278cba ("ARM: mmu: Set domain permissions
+to client access") which fixes lot of speculative prefetch aborts seen
+on OMAP5 secure devices.
+
+[1] https://developer.arm.com/documentation/ddi0406/b/System-Level-Architecture/Virtual-Memory-System-Architecture--VMSA-/Memory-access-control/The-Execute-Never--XN--attribute-and-instruction-prefetching
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
+Reported-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/lib/cache-cp15.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c
+index abd81d21c73c..f78ce33b1845 100644
+--- a/arch/arm/lib/cache-cp15.c
++++ b/arch/arm/lib/cache-cp15.c
+@@ -202,9 +202,12 @@ static inline void mmu_setup(void)
+ asm volatile("mcr p15, 0, %0, c2, c0, 0"
+ : : "r" (gd->arch.tlb_addr) : "memory");
+ #endif
+- /* Set the access control to all-supervisor */
++ /*
++ * initial value of Domain Access Control Register (DACR)
++ * Set the access control to client (1U) for each of the 16 domains
++ */
+ asm volatile("mcr p15, 0, %0, c3, c0, 0"
+- : : "r" (~0));
++ : : "r" (0x55555555)); printf("DACR SET CORRECTLY\n");
+
+ arm_init_domains();
+
+--
+2.30.1
+
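Review bot: A debug statement was left on the DACR write: the mcr line ends with `; printf("DACR SET CORRECTLY\n");` tacked onto the inline asm, so every mmu_setup() run prints it, including in SPL where console output may not even be available; the line should read just `: : "r" (0x55555555));`. The context of patch 0007 in this same series already shows that line without the printf, so the series appears not to have been regenerated after debugging and 0007 may only apply with fuzz. The 0x55555555 literal also deserves a name so the intent stated in the commit message survives in the code, e.g. `#define DACR_ALL_CLIENT 0x55555555 /* DACR_Dn_CLIENT (0b01) in all 16 domains */`.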
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0006-arm-omap2-remove-arm_init_domains.patch b/recipes-bsp/u-boot/u-boot-ledge/0006-arm-omap2-remove-arm_init_domains.patch
new file mode 100644
index 0000000..55ccb15
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0006-arm-omap2-remove-arm_init_domains.patch
@@ -0,0 +1,49 @@
+From e24deaac3f92c5d147f3fa1fd772f92ab9e85cff Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:37 +0100
+Subject: [PATCH 6/8] arm: omap2: remove arm_init_domains
+
+Remove the arm_init_domains and the DACR update, as it is now done
+in ARMv7 CP15 level.
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/mach-omap2/omap-cache.c | 17 -----------------
+ 1 file changed, 17 deletions(-)
+
+diff --git a/arch/arm/mach-omap2/omap-cache.c b/arch/arm/mach-omap2/omap-cache.c
+index 502ea6987ab7..451d8e4542b5 100644
+--- a/arch/arm/mach-omap2/omap-cache.c
++++ b/arch/arm/mach-omap2/omap-cache.c
+@@ -40,9 +40,6 @@ DECLARE_GLOBAL_DATA_PTR;
+ #define ARMV7_DCACHE_POLICY DCACHE_WRITEBACK & ~TTB_SECT_XN_MASK
+ #endif
+
+-#define ARMV7_DOMAIN_CLIENT 1
+-#define ARMV7_DOMAIN_MASK (0x3 << 0)
+-
+ void enable_caches(void)
+ {
+
+@@ -66,17 +63,3 @@ void dram_bank_mmu_setup(int bank)
+ for (i = start; i < end; i++)
+ set_section_dcache(i, ARMV7_DCACHE_POLICY);
+ }
+-
+-void arm_init_domains(void)
+-{
+- u32 reg;
+-
+- reg = get_dacr();
+- /*
+- * Set DOMAIN to client access so that all permissions
+- * set in pagetables are validated by the mmu.
+- */
+- reg &= ~ARMV7_DOMAIN_MASK;
+- reg |= ARMV7_DOMAIN_CLIENT;
+- set_dacr(reg);
+-}
+--
+2.30.1
+
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0007-arm-cp15-remove-weak-function-arm_init_domains.patch b/recipes-bsp/u-boot/u-boot-ledge/0007-arm-cp15-remove-weak-function-arm_init_domains.patch
new file mode 100644
index 0000000..3657e8f
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0007-arm-cp15-remove-weak-function-arm_init_domains.patch
@@ -0,0 +1,69 @@
+From eb9e5de3acf92b04d27198a4c7cd24da46800001 Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:38 +0100
+Subject: [PATCH 7/8] arm: cp15: remove weak function arm_init_domains
+
+Remove the unused weak function arm_init_domains used to change the
+DACR value.
+
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/cpu/armv7/cache_v7.c | 3 ---
+ arch/arm/include/asm/cache.h | 1 -
+ arch/arm/lib/cache-cp15.c | 6 ------
+ 3 files changed, 10 deletions(-)
+
+diff --git a/arch/arm/cpu/armv7/cache_v7.c b/arch/arm/cpu/armv7/cache_v7.c
+index 146cf526089f..19ff4323528b 100644
+--- a/arch/arm/cpu/armv7/cache_v7.c
++++ b/arch/arm/cpu/armv7/cache_v7.c
+@@ -176,9 +176,6 @@ void mmu_page_table_flush(unsigned long start, unsigned long stop)
+ {
+ }
+
+-void arm_init_domains(void)
+-{
+-}
+ #endif /* #if !CONFIG_IS_ENABLED(SYS_DCACHE_OFF) */
+
+ #if !CONFIG_IS_ENABLED(SYS_ICACHE_OFF)
+diff --git a/arch/arm/include/asm/cache.h b/arch/arm/include/asm/cache.h
+index c20e05ec7fdb..b10edf805b93 100644
+--- a/arch/arm/include/asm/cache.h
++++ b/arch/arm/include/asm/cache.h
+@@ -35,7 +35,6 @@ void l2_cache_disable(void);
+ void set_section_dcache(int section, enum dcache_option option);
+
+ void arm_init_before_mmu(void);
+-void arm_init_domains(void);
+ void cpu_cache_initialization(void);
+ void dram_bank_mmu_setup(int bank);
+
+diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c
+index f78ce33b1845..8a49e5217cc1 100644
+--- a/arch/arm/lib/cache-cp15.c
++++ b/arch/arm/lib/cache-cp15.c
+@@ -21,10 +21,6 @@ __weak void arm_init_before_mmu(void)
+ {
+ }
+
+-__weak void arm_init_domains(void)
+-{
+-}
+-
+ static void set_section_phys(int section, phys_addr_t phys,
+ enum dcache_option option)
+ {
+@@ -209,8 +205,6 @@ static inline void mmu_setup(void)
+ asm volatile("mcr p15, 0, %0, c3, c0, 0"
+ : : "r" (0x55555555));
+
+- arm_init_domains();
+-
+ /* and enable the mmu */
+ reg = get_cr(); /* get control reg. */
+ set_cr(reg | CR_M);
+--
+2.30.1
+
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0008-arm-remove-set_dacr-get_dacr-functions.patch b/recipes-bsp/u-boot/u-boot-ledge/0008-arm-remove-set_dacr-get_dacr-functions.patch
new file mode 100644
index 0000000..40c8b06
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0008-arm-remove-set_dacr-get_dacr-functions.patch
@@ -0,0 +1,43 @@
+From a0384f55cdbef9175982e3e4ae94fe112aec1c99 Mon Sep 17 00:00:00 2001
+From: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Date: Fri, 5 Feb 2021 13:53:39 +0100
+Subject: [PATCH 8/8] arm: remove set_dacr/get_dacr functions
+
+Remove the unused function set_dacr/get_dacr
+
+Serie-cc: Ard Biesheuvel <ardb@kernel.org>
+Serie-cc: R Sricharan <r.sricharan@ti.com>
+Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ arch/arm/include/asm/system.h | 14 --------------
+ 1 file changed, 14 deletions(-)
+
+diff --git a/arch/arm/include/asm/system.h b/arch/arm/include/asm/system.h
+index db5a19b17c19..86ae4d3992f6 100644
+--- a/arch/arm/include/asm/system.h
++++ b/arch/arm/include/asm/system.h
+@@ -397,20 +397,6 @@ static inline void set_cr(unsigned int val)
+ isb();
+ }
+
+-static inline unsigned int get_dacr(void)
+-{
+- unsigned int val;
+- asm("mrc p15, 0, %0, c3, c0, 0 @ get DACR" : "=r" (val) : : "cc");
+- return val;
+-}
+-
+-static inline void set_dacr(unsigned int val)
+-{
+- asm volatile("mcr p15, 0, %0, c3, c0, 0 @ set DACR"
+- : : "r" (val) : "cc");
+- isb();
+-}
+-
+ #ifdef CONFIG_ARMV7_LPAE
+ /* Long-Descriptor Translation Table Level 1/2 Bits */
+ #define TTB_SECT_XN_MASK (1ULL << 54)
+--
+2.30.1
+
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0009-tpm2-Introduce-TIS-tpm-core.patch b/recipes-bsp/u-boot/u-boot-ledge/0009-tpm2-Introduce-TIS-tpm-core.patch
new file mode 100644
index 0000000..ee8bc86
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0009-tpm2-Introduce-TIS-tpm-core.patch
@@ -0,0 +1,650 @@
+From a39b2b0a072caa42643e9434850f769c2ccd249b Mon Sep 17 00:00:00 2001
+From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+Date: Wed, 7 Jul 2021 19:25:58 +0300
+Subject: [PATCH 1/2] tpm2: Introduce TIS tpm core
+
+There's a lot of code duplication in U-Boot right now. All the TPM TIS
+compatible drivers we have at the moment have their own copy of a TIS
+implementation.
+
+So let's create a common layer which implements the core TIS functions.
+Any driver added from now own, which is compatible with the TIS spec, will
+only have to provide the underlying bus communication mechanisms.
+
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ drivers/tpm/tpm2_tis_core.c | 545 ++++++++++++++++++++++++++++++++++++
+ drivers/tpm/tpm_tis.h | 40 +++
+ include/tpm-v2.h | 1 +
+ 3 files changed, 586 insertions(+)
+ create mode 100644 drivers/tpm/tpm2_tis_core.c
+
+diff --git a/drivers/tpm/tpm2_tis_core.c b/drivers/tpm/tpm2_tis_core.c
+new file mode 100644
+index 0000000000..9860ce2379
+--- /dev/null
++++ b/drivers/tpm/tpm2_tis_core.c
+@@ -0,0 +1,545 @@
++// SPDX-License-Identifier: GPL-2.0
++/*
++ * Copyright (c) 2020, Linaro Limited
++ *
++ * Based on the Linux TIS core interface
++ */
++
++#include <common.h>
++#include <dm.h>
++#include <tpm-v2.h>
++#include <linux/delay.h>
++#include <linux/unaligned/be_byteshift.h>
++#include "tpm_tis.h"
++
++/**
++ * tpm_tis_get_desc - Get the TPM description
++ *
++ * @udev: udevice
++ * @buf: buffer to fill data
++ * @size: buffer size
++ *
++ * @Return: Number of characters written (or would have been written) in buffer
++ */
++int tpm_tis_get_desc(struct udevice *udev, char *buf, int size)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++
++ if (size < 80)
++ return -ENOSPC;
++
++ return snprintf(buf, size,
++ "%s v2.0: VendorID 0x%04x, DeviceID 0x%04x, RevisionID 0x%02x [%s]",
++ udev->name, chip->vend_dev & 0xFFFF,
++ chip->vend_dev >> 16, chip->rid,
++ (chip->is_open ? "open" : "closed"));
++}
++
++/**
++ * tpm_tis_check_locality - Check the current TPM locality
++ *
++ * @udev: udevice
++ * @loc: locality
++ *
++ * Return: True if the tested locality matches
++ */
++static bool tpm_tis_check_locality(struct udevice *udev, int loc)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ u8 locality;
++
++ if (!phy_ops)
++ return false;
++
++ phy_ops->read_bytes(udev, TPM_ACCESS(loc), 1, &locality);
++ if ((locality & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID |
++ TPM_ACCESS_REQUEST_USE)) ==
++ (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
++ chip->locality = loc;
++ return true;
++ }
++
++ return false;
++}
++
++/**
++ * tpm_tis_request_locality - Request a locality from the TPM
++ *
++ * @udev: udevce
++ * @loc: requested locality
++ *
++ * Return: 0 on success -1 on failure
++ */
++int tpm_tis_request_locality(struct udevice *udev, int loc)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ u8 buf = TPM_ACCESS_REQUEST_USE;
++ unsigned long start, stop;
++
++ if (!phy_ops)
++ return -1;
++
++ if (tpm_tis_check_locality(udev, loc))
++ return 0;
++
++ phy_ops->write_bytes(udev, TPM_ACCESS(loc), 1, &buf);
++ start = get_timer(0);
++ stop = chip->timeout_a;
++ do {
++ if (tpm_tis_check_locality(udev, loc))
++ return 0;
++ mdelay(TPM_TIMEOUT_MS);
++ } while (get_timer(start) < stop);
++
++ return -1;
++}
++
++/**
++ * tpm_tis_status - Check the current device status
++ *
++ * @udev: udevice
++ * @status: return value of status
++ *
++ * Return: 0 on success, negative on failure
++ */
++static int tpm_tis_status(struct udevice *udev, u8 *status)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++
++ if (!phy_ops)
++ return -EINVAL;
++
++ if (chip->locality < 0)
++ return -EINVAL;
++
++ phy_ops->read_bytes(udev, TPM_STS(chip->locality), 1, status);
++
++ if ((*status & TPM_STS_READ_ZERO)) {
++ log_err("TPM returned invalid status\n");
++ return -EINVAL;
++ }
++
++ return 0;
++}
++
++/**
++ * tpm_tis_release_locality - Release the requested locality
++ *
++ * @udev: udevice
++ * @loc: requested locality
++ *
++ * Return: 0 on success, negative on failure
++ */
++int tpm_tis_release_locality(struct udevice *udev, int loc)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ u8 buf = TPM_ACCESS_ACTIVE_LOCALITY;
++ int ret;
++
++ if (!phy_ops)
++ return -1;
++
++ if (chip->locality < 0)
++ return 0;
++
++ ret = phy_ops->write_bytes(udev, TPM_ACCESS(loc), 1, &buf);
++ if (!ret)
++ chip->locality = -1;
++
++ return ret;
++}
++
++/**
++ * tpm_tis_wait_for_stat - Wait for TPM to become ready
++ *
++ * @udev: udev
++ * @mask: mask to match
++ * @timeout: timeout for retries
++ * @status: current status
++ *
++ * Return: 0 on success, negative on failure
++ */
++static int tpm_tis_wait_for_stat(struct udevice *udev, u8 mask,
++ unsigned long timeout, u8 *status)
++{
++ unsigned long start = get_timer(0);
++ unsigned long stop = timeout;
++ int ret;
++
++ do {
++ mdelay(TPM_TIMEOUT_MS);
++ ret = tpm_tis_status(udev, status);
++ if (ret)
++ return ret;
++
++ if ((*status & mask) == mask)
++ return 0;
++ } while (get_timer(start) < stop);
++
++ return -ETIMEDOUT;
++}
++
++/**
++ * tpm_tis_get_burstcount - Get the burstcount for the data FIFO
++ *
++ * @udev: udevice
++ * @burstcount: current burstcount
++ *
++ * Return: 0 on success, negative on failure
++ */
++static int tpm_tis_get_burstcount(struct udevice *udev, size_t *burstcount)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ unsigned long start, stop;
++ u32 burst;
++
++ if (!phy_ops)
++ return -EINVAL;
++
++ if (chip->locality < 0)
++ return -EINVAL;
++
++ /* wait for burstcount */
++ start = get_timer(0);
++ /*
++ * This is the TPMv2 defined timeout. Change this in case you want to
++ * make the driver compatile to TPMv1
++ */
++ stop = chip->timeout_a;
++ do {
++ phy_ops->read32(udev, TPM_STS(chip->locality), &burst);
++ *burstcount = (burst >> 8) & 0xFFFF;
++ if (*burstcount)
++ return 0;
++
++ mdelay(TPM_TIMEOUT_MS);
++ } while (get_timer(start) < stop);
++
++ return -ETIMEDOUT;
++}
++
++/**
++ * tpm_tis_ready - Cancel pending comands and get the device on a ready state
++ *
++ * @udev: udevcie
++ *
++ * Return: 0 on success, negative on failure
++ */
++static int tpm_tis_ready(struct udevice *udev)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ u8 data = TPM_STS_COMMAND_READY;
++
++ if (!phy_ops)
++ return -1;
++
++ /* This will cancel any pending commands */
++ return phy_ops->write_bytes(udev, TPM_STS(chip->locality), 1, &data);
++}
++
++/**
++ * tpm_tis_send - send data to the device
++ *
++ * @udev: udevice
++ * @buf: buffer to send
++ * @len: size of the buffer
++ *
++ * Return: number of bytes sent or negative on failure
++ */
++int tpm_tis_send(struct udevice *udev, const u8 *buf, size_t len)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ size_t burstcnt, wr_size, sent = 0;
++ u8 data = TPM_STS_GO;
++ u8 status;
++ int ret;
++
++ if (!phy_ops)
++ return -EINVAL;
++
++ if (!chip)
++ return -ENODEV;
++
++ ret = tpm_tis_request_locality(udev, 0);
++ if (ret < 0)
++ return -EBUSY;
++
++ ret = tpm_tis_status(udev, &status);
++ if (ret)
++ goto release_locality;
++
++ if (!(status & TPM_STS_COMMAND_READY)) {
++ ret = tpm_tis_ready(udev);
++ if (ret) {
++ log_err("Can't cancel previous TPM operation\n");
++ goto release_locality;
++ }
++ ret = tpm_tis_wait_for_stat(udev, TPM_STS_COMMAND_READY,
++ chip->timeout_b, &status);
++ if (ret) {
++ log_err("TPM not ready\n");
++ goto release_locality;
++ }
++ }
++
++ while (len > 0) {
++ ret = tpm_tis_get_burstcount(udev, &burstcnt);
++ if (ret)
++ goto release_locality;
++
++ wr_size = min(len, burstcnt);
++ ret = phy_ops->write_bytes(udev, TPM_DATA_FIFO(chip->locality),
++ wr_size, buf + sent);
++ if (ret < 0)
++ goto release_locality;
++
++ ret = tpm_tis_wait_for_stat(udev, TPM_STS_VALID,
++ chip->timeout_c, &status);
++ if (ret)
++ goto release_locality;
++
++ sent += wr_size;
++ len -= wr_size;
++ /* make sure the TPM expects more data */
++ if (len && !(status & TPM_STS_DATA_EXPECT)) {
++ ret = -EIO;
++ goto release_locality;
++ }
++ }
++
++ /*
++ * Make a final check ensuring everything is ok and the TPM expects no
++ * more data
++ */
++ ret = tpm_tis_wait_for_stat(udev, TPM_STS_VALID, chip->timeout_c,
++ &status);
++ if (ret)
++ goto release_locality;
++
++ if (status & TPM_STS_DATA_EXPECT) {
++ ret = -EIO;
++ goto release_locality;
++ }
++
++ ret = phy_ops->write_bytes(udev, TPM_STS(chip->locality), 1, &data);
++ if (ret)
++ goto release_locality;
++
++ tpm_tis_release_locality(udev, chip->locality);
++ return sent;
++
++release_locality:
++ tpm_tis_ready(udev);
++ tpm_tis_release_locality(udev, chip->locality);
++
++ return ret;
++}
++
++/**
++ * tpm_tis_recv_data - Receive data from a device. Wrapper for tpm_tis_recv
++ *
++ * @udev: udevice
++ * @buf: buffer to copy data
++ * @size: buffer size
++ *
++ * Return: bytes read or negative on failure
++ */
++static int tpm_tis_recv_data(struct udevice *udev, u8 *buf, size_t count)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ int size = 0, len, ret;
++ size_t burstcnt;
++ u8 status;
++
++ if (!phy_ops)
++ return -EINVAL;
++
++ while (size < count &&
++ tpm_tis_wait_for_stat(udev, TPM_STS_DATA_AVAIL | TPM_STS_VALID,
++ chip->timeout_c, &status) == 0) {
++ ret = tpm_tis_get_burstcount(udev, &burstcnt);
++ if (ret)
++ return burstcnt;
++
++ len = min_t(int, burstcnt, count - size);
++ ret = phy_ops->read_bytes(udev, TPM_DATA_FIFO(chip->locality),
++ len, buf + size);
++ if (ret < 0)
++ return ret;
++
++ size += len;
++ }
++
++ return size;
++}
++
++/**
++ * tpm_tis_recv - Receive data from a device
++ *
++ * @udev: udevice
++ * @buf: buffer to copy data
++ * @size: buffer size
++ *
++ * Return: bytes read or negative on failure
++ */
++int tpm_tis_recv(struct udevice *udev, u8 *buf, size_t count)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ int ret;
++ int size, expected;
++
++ if (!chip)
++ return -ENODEV;
++
++ if (count < TPM_HEADER_SIZE)
++ return -E2BIG;
++
++ ret = tpm_tis_request_locality(udev, 0);
++ if (ret < 0)
++ return -EBUSY;
++
++ size = tpm_tis_recv_data(udev, buf, TPM_HEADER_SIZE);
++ if (size < TPM_HEADER_SIZE) {
++ log_err("TPM error, unable to read header\n");
++ goto out;
++ }
++
++ expected = get_unaligned_be32(buf + TPM_CMD_COUNT_OFFSET);
++ if (expected > count) {
++ size = -EIO;
++ log_warning("Too much data: %d > %zu\n", expected, count);
++ goto out;
++ }
++
++ size += tpm_tis_recv_data(udev, &buf[TPM_HEADER_SIZE],
++ expected - TPM_HEADER_SIZE);
++ if (size < expected) {
++ log(LOGC_NONE, LOGL_ERR,
++ "TPM error, unable to read remaining bytes of result\n");
++ size = -EIO;
++ goto out;
++ }
++
++out:
++ tpm_tis_ready(udev);
++ tpm_tis_release_locality(udev, chip->locality);
++
++ return size;
++}
++
++/** tpm_tis_cleanup - Get the device in ready state and release locality
++ *
++ * @udev: udevice
++ *
++ * Return: always 0
++ */
++int tpm_tis_cleanup(struct udevice *udev)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++
++ tpm_tis_ready(udev);
++ tpm_tis_release_locality(udev, chip->locality);
++
++ return 0;
++}
++
++/**
++ * tpm_tis_open - Open the device and request locality 0
++ *
++ * @udev: udevice
++ *
++ * Return: 0 on success, negative on failure
++ */
++int tpm_tis_open(struct udevice *udev)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ int ret;
++
++ if (chip->is_open)
++ return -EBUSY;
++
++ ret = tpm_tis_request_locality(udev, 0);
++ if (!ret)
++ chip->is_open = 1;
++
++ return ret;
++}
++
++/**
++ * tpm_tis_ops_register - register the PHY ops for the device
++ *
++ * @udev: udevice
++ * @ops: bus ops for the device
++ */
++void tpm_tis_ops_register(struct udevice *udev, struct tpm_tis_phy_ops *ops)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++
++ chip->phy_ops = ops;
++}
++
++/**
++ * tpm_tis_init - inititalize the device
++ *
++ * @udev: udevice
++ *
++ * Return: 0 on success, negative on failure
++ */
++int tpm_tis_init(struct udevice *udev)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ struct tpm_tis_phy_ops *phy_ops = chip->phy_ops;
++ int ret;
++ u32 tmp;
++
++ if (!phy_ops)
++ return -1;
++ ret = tpm_tis_request_locality(udev, 0);
++ if (ret)
++ return ret;
++
++ chip->timeout_a = TIS_SHORT_TIMEOUT_MS;
++ chip->timeout_b = TIS_LONG_TIMEOUT_MS;
++ chip->timeout_c = TIS_SHORT_TIMEOUT_MS;
++ chip->timeout_d = TIS_SHORT_TIMEOUT_MS;
++
++ /* Disable interrupts */
++ phy_ops->read32(udev, TPM_INT_ENABLE(chip->locality), &tmp);
++ tmp |= TPM_INTF_CMD_READY_INT | TPM_INTF_LOCALITY_CHANGE_INT |
++ TPM_INTF_DATA_AVAIL_INT | TPM_INTF_STS_VALID_INT;
++ tmp &= ~TPM_GLOBAL_INT_ENABLE;
++ phy_ops->write32(udev, TPM_INT_ENABLE(chip->locality), tmp);
++
++ phy_ops->read_bytes(udev, TPM_RID(chip->locality), 1, &chip->rid);
++ phy_ops->read32(udev, TPM_DID_VID(chip->locality), &chip->vend_dev);
++
++ return tpm_tis_release_locality(udev, chip->locality);
++}
++
++/**
++ * tpm_tis_close - Close the device and release locality
++ *
++ * @udev: udevice
++ *
++ * Return: 0 on success, negative on failure
++ */
++int tpm_tis_close(struct udevice *udev)
++{
++ struct tpm_chip *chip = dev_get_priv(udev);
++ int ret = 0;
++
++ if (chip->is_open) {
++ ret = tpm_tis_release_locality(udev, chip->locality);
++ chip->is_open = 0;
++ }
++
++ return ret;
++}
+diff --git a/drivers/tpm/tpm_tis.h b/drivers/tpm/tpm_tis.h
+index 2a160fe05c..fde3bb71f7 100644
+--- a/drivers/tpm/tpm_tis.h
++++ b/drivers/tpm/tpm_tis.h
+@@ -21,6 +21,37 @@
+ #include <linux/compiler.h>
+ #include <linux/types.h>
+
++struct tpm_tis_phy_ops {
++ int (*read_bytes)(struct udevice *udev, u32 addr, u16 len,
++ u8 *result);
++ int (*write_bytes)(struct udevice *udev, u32 addr, u16 len,
++ const u8 *value);
++ int (*read16)(struct udevice *udev, u32 addr, u16 *result);
++ int (*read32)(struct udevice *udev, u32 addr, u32 *result);
++ int (*write32)(struct udevice *udev, u32 addr, u32 src);
++};
++
++enum tis_int_flags {
++ TPM_GLOBAL_INT_ENABLE = 0x80000000,
++ TPM_INTF_BURST_COUNT_STATIC = 0x100,
++ TPM_INTF_CMD_READY_INT = 0x080,
++ TPM_INTF_INT_EDGE_FALLING = 0x040,
++ TPM_INTF_INT_EDGE_RISING = 0x020,
++ TPM_INTF_INT_LEVEL_LOW = 0x010,
++ TPM_INTF_INT_LEVEL_HIGH = 0x008,
++ TPM_INTF_LOCALITY_CHANGE_INT = 0x004,
++ TPM_INTF_STS_VALID_INT = 0x002,
++ TPM_INTF_DATA_AVAIL_INT = 0x001,
++};
++
++#define TPM_ACCESS(l) (0x0000 | ((l) << 12))
++#define TPM_INT_ENABLE(l) (0x0008 | ((l) << 12))
++#define TPM_STS(l) (0x0018 | ((l) << 12))
++#define TPM_DATA_FIFO(l) (0x0024 | ((l) << 12))
++#define TPM_DID_VID(l) (0x0F00 | ((l) << 12))
++#define TPM_RID(l) (0x0F04 | ((l) << 12))
++#define TPM_INTF_CAPS(l) (0x0014 | ((l) << 12))
++
+ enum tpm_timeout {
+ TPM_TIMEOUT_MS = 5,
+ TIS_SHORT_TIMEOUT_MS = 750,
+@@ -43,6 +74,7 @@ struct tpm_chip {
+ u8 rid;
+ unsigned long timeout_a, timeout_b, timeout_c, timeout_d; /* msec */
+ ulong chip_type;
++ struct tpm_tis_phy_ops *phy_ops;
+ };
+
+ struct tpm_input_header {
+@@ -130,4 +162,12 @@ enum tis_status {
+ };
+ #endif
+
++int tpm_tis_open(struct udevice *udev);
++int tpm_tis_close(struct udevice *udev);
++int tpm_tis_cleanup(struct udevice *udev);
++int tpm_tis_send(struct udevice *udev, const u8 *buf, size_t len);
++int tpm_tis_recv(struct udevice *udev, u8 *buf, size_t count);
++int tpm_tis_get_desc(struct udevice *udev, char *buf, int size);
++int tpm_tis_init(struct udevice *udev);
++void tpm_tis_ops_register(struct udevice *udev, struct tpm_tis_phy_ops *ops);
+ #endif
+diff --git a/include/tpm-v2.h b/include/tpm-v2.h
+index f6c045d354..5b2adab138 100644
+--- a/include/tpm-v2.h
++++ b/include/tpm-v2.h
+@@ -186,6 +186,7 @@ enum {
+ TPM_STS_DATA_EXPECT = 1 << 3,
+ TPM_STS_SELF_TEST_DONE = 1 << 2,
+ TPM_STS_RESPONSE_RETRY = 1 << 1,
++ TPM_STS_READ_ZERO = 0x23
+ };
+
+ enum {
+--
+2.17.1
+
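Review bot: The length field parsed from the TPM response header in tpm_tis_recv() is only bounded from above, so a response whose header claims fewer than TPM_HEADER_SIZE bytes makes `expected - TPM_HEADER_SIZE` negative; converted to the size_t count of tpm_tis_recv_data() that becomes a huge value, the per-read bound collapses, and the loop keeps pulling FIFO bytes past the end of buf for as long as the device asserts DATA_AVAIL, while the final `size < expected` check cannot catch it. Since this length comes from the device (or anything interposed on the bus) it should be treated as untrusted: `if (expected < TPM_HEADER_SIZE || expected > count) {`. Relatedly, the header-read failure path returns the short positive `size` as if it were bytes read — it should set `size = -EIO;` before `goto out` — and the error path in tpm_tis_recv_data() returns `burstcnt` instead of the error (`return ret;`), so a timeout surfaces as a byte count. The `!chip` check in tpm_tis_send() sits after `chip->phy_ops` has already been dereferenced, so it can never fire and should move above the phy_ops load.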
diff --git a/recipes-bsp/u-boot/u-boot-ledge/0010-tpm2-Add-a-TPMv2-MMIO-TIS-driver.patch b/recipes-bsp/u-boot/u-boot-ledge/0010-tpm2-Add-a-TPMv2-MMIO-TIS-driver.patch
new file mode 100644
index 0000000..d7fc2e1
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/0010-tpm2-Add-a-TPMv2-MMIO-TIS-driver.patch
@@ -0,0 +1,215 @@
+From cce27a974c08a0c6f463c404c003ca09b476ca5e Mon Sep 17 00:00:00 2001
+From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+Date: Wed, 7 Jul 2021 19:25:59 +0300
+Subject: [PATCH 2/2] tpm2: Add a TPMv2 MMIO TIS driver
+
+Add support for devices that expose a TPMv2 though MMIO.
+Apart from those devices, we can use the driver in our QEMU setups and
+test TPM related code which is difficult to achieve using the sandbox
+driver (e.g test the EFI TCG2 protocol).
+
+It's worth noting that a previous patch added TPMv2 TIS core functions,
+which the current driver is consuming.
+
+Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
+---
+ drivers/tpm/Kconfig | 9 +++
+ drivers/tpm/Makefile | 1 +
+ drivers/tpm/tpm2_tis_mmio.c | 156 ++++++++++++++++++++++++++++++++++++
+ 3 files changed, 166 insertions(+)
+ create mode 100644 drivers/tpm/tpm2_tis_mmio.c
+
+diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig
+index 9eebab5cfd..406ee8716e 100644
+--- a/drivers/tpm/Kconfig
++++ b/drivers/tpm/Kconfig
+@@ -161,6 +161,15 @@ config TPM2_FTPM_TEE
+ help
+ This driver supports firmware TPM running in TEE.
+
++config TPM2_MMIO
++ bool "MMIO based TPM2 Interface"
++ depends on TPM_V2
++ help
++ This driver supports firmware TPM2.0 MMIO interface.
++ The usual TPM operations and the 'tpm' command can be used to talk
++ to the device using the standard TPM Interface Specification (TIS)
++ protocol.
++
+ endif # TPM_V2
+
+ endmenu
+diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile
+index 8f075b9f45..caa027118f 100644
+--- a/drivers/tpm/Makefile
++++ b/drivers/tpm/Makefile
+@@ -14,3 +14,4 @@ obj-$(CONFIG_TPM2_CR50_I2C) += cr50_i2c.o
+ obj-$(CONFIG_TPM2_TIS_SANDBOX) += tpm2_tis_sandbox.o
+ obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o
+ obj-$(CONFIG_TPM2_FTPM_TEE) += tpm2_ftpm_tee.o
++obj-$(CONFIG_TPM2_MMIO) += tpm2_tis_core.o tpm2_tis_mmio.o
+diff --git a/drivers/tpm/tpm2_tis_mmio.c b/drivers/tpm/tpm2_tis_mmio.c
+new file mode 100644
+index 0000000000..2183a28071
+--- /dev/null
++++ b/drivers/tpm/tpm2_tis_mmio.c
+@@ -0,0 +1,156 @@
++// SPDX-License-Identifier: GPL-2.0
++/*
++ * driver for mmio TCG/TIS TPM (trusted platform module).
++ *
++ * Specifications at www.trustedcomputinggroup.org
++ */
++
++#include <common.h>
++#include <dm.h>
++#include <log.h>
++#include <tpm-v2.h>
++#include <linux/bitops.h>
++#include <linux/compiler.h>
++#include <linux/delay.h>
++#include <linux/errno.h>
++#include <linux/types.h>
++#include <linux/io.h>
++#include <linux/unaligned/be_byteshift.h>
++#include "tpm_tis.h"
++#include "tpm_internal.h"
++
++struct tpm_tis_chip_data {
++ unsigned int pcr_count;
++ unsigned int pcr_select_min;
++ unsigned int time_before_first_cmd_ms;
++ void __iomem *iobase;
++};
++
++static int mmio_read_bytes(struct udevice *udev, u32 addr, u16 len,
++ u8 *result)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++
++ while (len--)
++ *result++ = ioread8(drv_data->iobase + addr);
++ return 0;
++}
++
++static int mmio_write_bytes(struct udevice *udev, u32 addr, u16 len,
++ const u8 *value)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++
++ while (len--)
++ iowrite8(*value++, drv_data->iobase + addr);
++ return 0;
++}
++
++static int mmio_read16(struct udevice *udev, u32 addr, u16 *result)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++
++ *result = ioread16(drv_data->iobase + addr);
++ return 0;
++}
++
++static int mmio_read32(struct udevice *udev, u32 addr, u32 *result)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++
++ *result = ioread32(drv_data->iobase + addr);
++ return 0;
++}
++
++static int mmio_write32(struct udevice *udev, u32 addr, u32 value)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++
++ iowrite32(value, drv_data->iobase + addr);
++ return 0;
++}
++
++static struct tpm_tis_phy_ops phy_ops = {
++ .read_bytes = mmio_read_bytes,
++ .write_bytes = mmio_write_bytes,
++ .read16 = mmio_read16,
++ .read32 = mmio_read32,
++ .write32 = mmio_write32,
++};
++
++static int tpm_tis_probe(struct udevice *udev)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++ struct tpm_chip_priv *priv = dev_get_uclass_priv(udev);
++ int ret = 0;
++ fdt_addr_t ioaddr;
++ u64 sz;
++
++ ioaddr = dev_read_addr(udev);
++ if (ioaddr == FDT_ADDR_T_NONE)
++ return -EINVAL;
++
++ ret = dev_read_u64(udev, "reg", &sz);
++ if (ret)
++ return -EINVAL;
++
++ drv_data->iobase = ioremap(ioaddr, sz);
++ log_info("Remapped TPM2 base: 0x%llx size: 0x%llx\n", ioaddr, sz);
++ tpm_tis_ops_register(udev, &phy_ops);
++ ret = tpm_tis_init(udev);
++ if (ret)
++ goto iounmap;
++
++ priv->pcr_count = drv_data->pcr_count;
++ priv->pcr_select_min = drv_data->pcr_select_min;
++ /*
++ * Although the driver probably works with a TPMv1 our Kconfig
++ * limits the driver to TPMv2 only
++ */
++ priv->version = TPM_V2;
++
++ return ret;
++iounmap:
++ iounmap(drv_data->iobase);
++ return -EINVAL;
++}
++
++static int tpm_tis_remove(struct udevice *udev)
++{
++ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
++
++ iounmap(drv_data->iobase);
++ return tpm_tis_cleanup(udev);
++}
++
++static const struct tpm_ops tpm_tis_ops = {
++ .open = tpm_tis_open,
++ .close = tpm_tis_close,
++ .get_desc = tpm_tis_get_desc,
++ .send = tpm_tis_send,
++ .recv = tpm_tis_recv,
++ .cleanup = tpm_tis_cleanup,
++};
++
++static const struct tpm_tis_chip_data tpm_tis_std_chip_data = {
++ .pcr_count = 24,
++ .pcr_select_min = 3,
++};
++
++static const struct udevice_id tpm_tis_ids[] = {
++ {
++ .compatible = "tcg,tpm-tis-mmio",
++ .data = (ulong)&tpm_tis_std_chip_data,
++ },
++ { }
++};
++
++U_BOOT_DRIVER(tpm_tis_mmio) = {
++ .name = "tpm_tis_mmio",
++ .id = UCLASS_TPM,
++ .of_match = tpm_tis_ids,
++ .ops = &tpm_tis_ops,
++ .probe = tpm_tis_probe,
++ .remove = tpm_tis_remove,
++ .priv_auto = sizeof(struct tpm_chip),
++};
+--
+2.17.1
+
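Review bot: `tpm_tis_probe` writes `drv_data->iobase = ioremap(ioaddr, sz);` through a pointer obtained from `dev_get_driver_data()`, which for the only match entry points at `tpm_tis_std_chip_data` — declared `static const` and shared by every device matching `tcg,tpm-tis-mmio` — so the store is a write to a const object (a fault if it lands in read-only memory) and two instances would overwrite each other's mapping. Keep the compatible-string data read-only and put `iobase` in per-device storage (`plat_auto` is free here, `priv_auto` is already taken by `struct tpm_chip`), as sketched below. In the same function `dev_read_u64(udev, "reg", &sz)` reads the first 64-bit quantity of `reg`, which for an address/size pair is probably the address rather than the size; `dev_read_addr_size_index()` returns both, and the `iounmap:` path should return the `tpm_tis_init()` error instead of a fixed `-EINVAL`.
```c
/* Per-device state; the compatible-string data stays const. */
struct tpm_tis_mmio_plat {
	void __iomem *iobase;
};

static int mmio_read_bytes(struct udevice *udev, u32 addr, u16 len,
			   u8 *result)
{
	struct tpm_tis_mmio_plat *plat = dev_get_plat(udev);

	while (len--)
		*result++ = ioread8(plat->iobase + addr);
	return 0;
}
/* … unchanged: the other phy_ops helpers use plat->iobase the same way … */

static int tpm_tis_probe(struct udevice *udev)
{
	const struct tpm_tis_chip_data *drv_data =
		(const void *)dev_get_driver_data(udev);
	struct tpm_tis_mmio_plat *plat = dev_get_plat(udev);
	struct tpm_chip_priv *priv = dev_get_uclass_priv(udev);
	fdt_addr_t ioaddr;
	fdt_size_t sz;
	int ret;

	/* reg = <addr size>: take both cells, not the first u64 of the property */
	ioaddr = dev_read_addr_size_index(udev, 0, &sz);
	if (ioaddr == FDT_ADDR_T_NONE)
		return -EINVAL;

	plat->iobase = ioremap(ioaddr, sz);
	log_info("Remapped TPM2 base: 0x%llx size: 0x%llx\n", ioaddr, sz);
	tpm_tis_ops_register(udev, &phy_ops);
	ret = tpm_tis_init(udev);
	if (ret)
		goto iounmap;
	/* … unchanged: pcr_count / pcr_select_min / version setup … */
	return 0;
iounmap:
	iounmap(plat->iobase);
	return ret;		/* keep the real error, not a blanket -EINVAL */
}
/* … unchanged: tpm_tis_remove (reads plat->iobase), tpm_tis_ops, tpm_tis_ids … */

U_BOOT_DRIVER(tpm_tis_mmio) = {
	/* … unchanged: name, id, of_match, ops, probe, remove … */
	.priv_auto = sizeof(struct tpm_chip),
	.plat_auto = sizeof(struct tpm_tis_mmio_plat),
};
```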
diff --git a/recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm64_defconfig b/recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm64_defconfig
new file mode 100644
index 0000000..cf661df
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm64_defconfig
@@ -0,0 +1,64 @@
+CONFIG_ARM=y
+CONFIG_POSITION_INDEPENDENT=y
+CONFIG_ARCH_QEMU=y
+CONFIG_TFABOOT=y
+CONFIG_NR_DRAM_BANKS=1
+CONFIG_ENV_SIZE=0x40000
+CONFIG_AHCI=y
+CONFIG_DISTRO_DEFAULTS=y
+CONFIG_FIT=y
+CONFIG_FIT_SIGNATURE=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_FIT_BEST_MATCH=y
+CONFIG_LEGACY_IMAGE_FORMAT=y
+CONFIG_BOOTDELAY=0
+CONFIG_BOOTCOMMAND="virtio scan; load virtio 0 0x70000000 PK.auth; setenv -e -nv -bs -rt -at -i 0x70000000:$filesize PK;load virtio 0 0x70000000 KEK.auth; setenv -e -nv -bs -rt -at -i 0x70000000:$filesize KEK; load virtio 0 0x70000000 db.auth; setenv -e -nv -bs -rt -at -i 0x70000000:$filesize db; setenv kernel_addr_r 0x60000000; setenv bootargs 'rootwait root=PARTLABEL=rootfs'; efidebug boot add 0000 'kernel' virtio 1:1 /efi/boot/bootaa64.efi; efidebug boot order 0000; bootefi bootmgr"
+CONFIG_USE_PREBOOT=y
+# CONFIG_DISPLAY_CPUINFO is not set
+# CONFIG_DISPLAY_BOARDINFO is not set
+CONFIG_PCI_INIT_R=y
+CONFIG_CMD_BOOTEFI_SELFTEST=y
+CONFIG_CMD_NVEDIT_EFI=y
+CONFIG_CMD_DFU=y
+CONFIG_CMD_MTD=y
+CONFIG_CMD_PCI=y
+CONFIG_CMD_USB=y
+CONFIG_CMD_EFIDEBUG=y
+CONFIG_CMD_MTDPARTS=y
+CONFIG_OF_BOARD=y
+CONFIG_SCSI_AHCI=y
+CONFIG_AHCI_PCI=y
+CONFIG_BLK=y
+CONFIG_DFU_TFTP=y
+CONFIG_DFU_RAM=y
+CONFIG_DFU_MTD=y
+# CONFIG_MMC is not set
+CONFIG_MTD=y
+CONFIG_DM_MTD=y
+CONFIG_MTD_NOR_FLASH=y
+CONFIG_FLASH_CFI_DRIVER=y
+CONFIG_CFI_FLASH=y
+CONFIG_SYS_FLASH_USE_BUFFER_WRITE=y
+CONFIG_FLASH_CFI_MTD=y
+CONFIG_SYS_FLASH_CFI=y
+CONFIG_DM_ETH=y
+CONFIG_E1000=y
+CONFIG_NVME=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_PCIE_ECAM_GENERIC=y
+CONFIG_SCSI=y
+CONFIG_DM_SCSI=y
+CONFIG_SYSRESET=y
+CONFIG_SYSRESET_PSCI=y
+CONFIG_TEE=y
+CONFIG_OPTEE=y
+# CONFIG_CHIMP_OPTEE is not set
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_USB_EHCI_HCD=y
+CONFIG_USB_EHCI_PCI=y
+CONFIG_EFI_MM_COMM_TEE=y
+CONFIG_EFI_LOAD_FILE2_INITRD=y
+CONFIG_EFI_INITRD_FILESPEC="virtio 1:1 ledge-initramfs.rootfs.cpio.gz"
+CONFIG_EFI_SECURE_BOOT=y
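Review bot: `CONFIG_BOOTCOMMAND` derives the Secure Boot root of trust from the boot media: it loads `PK.auth`, `KEK.auth` and `db.auth` from the first virtio disk and enrolls them with `setenv -e … -at -i` on every boot, and while no PK is present (setup mode) that enrollment accepts any PK, so whoever can write the disk images also chooses the keys that later verify `bootaa64.efi`. The other boards in this commit ship the variables with `CONFIG_EFI_VARIABLES_PRESEED=y` (and the commit adds `ubootefi.var`); doing the same here and cutting `CONFIG_BOOTCOMMAND` down to the `efidebug boot add …; efidebug boot order 0000; bootefi bootmgr` part, or moving the enrollment into a separate provisioning command, would keep the key material out of the default boot path. If the per-boot enrollment is deliberate for a QEMU test image, a short comment in the recipe that installs this defconfig should say so. The same applies to ledge-qemuarm_defconfig below.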
diff --git a/recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm_defconfig b/recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm_defconfig
new file mode 100644
index 0000000..910d064
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/ledge-qemuarm_defconfig
@@ -0,0 +1,64 @@
+CONFIG_ARM=y
+CONFIG_ARM_SMCCC=y
+CONFIG_ARCH_QEMU=y
+CONFIG_TFABOOT=y
+CONFIG_NR_DRAM_BANKS=1
+CONFIG_ENV_SIZE=0x40000
+CONFIG_TARGET_QEMU_ARM_32BIT=y
+CONFIG_ARMV7_LPAE=y
+CONFIG_AHCI=y
+CONFIG_DISTRO_DEFAULTS=y
+CONFIG_FIT=y
+CONFIG_FIT_SIGNATURE=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_FIT_BEST_MATCH=y
+CONFIG_LEGACY_IMAGE_FORMAT=y
+CONFIG_BOOTDELAY=0
+CONFIG_BOOTCOMMAND="virtio scan; load virtio 0 0x70000000 PK.auth; setenv -e -nv -bs -rt -at -i 0x70000000:$filesize PK; load virtio 0 0x70000000 KEK.auth; setenv -e -nv -bs -rt -at -i 0x70000000:$filesize KEK; load virtio 0 0x70000000 db.auth; setenv -e -nv -bs -rt -at -i 0x70000000:$filesize db; setenv kernel_addr_r 0x60000000; setenv bootargs 'rootwait root=PARTLABEL=rootfs console=ttyAMA0,115200 earlyprintk=serial,ttyAMA0,115200'; efidebug boot add 0000 'kernel' virtio 1:1 /efi/boot/bootarm.efi; efidebug boot order 0000; bootefi bootmgr"
+CONFIG_USE_PREBOOT=y
+# CONFIG_DISPLAY_CPUINFO is not set
+# CONFIG_DISPLAY_BOARDINFO is not set
+CONFIG_PCI_INIT_R=y
+CONFIG_CMD_BOOTEFI_SELFTEST=y
+CONFIG_CMD_NVEDIT_EFI=y
+CONFIG_CMD_DFU=y
+CONFIG_CMD_MTD=y
+CONFIG_CMD_PCI=y
+CONFIG_CMD_USB=y
+CONFIG_CMD_EFIDEBUG=y
+CONFIG_CMD_MTDPARTS=y
+CONFIG_OF_BOARD=y
+CONFIG_SCSI_AHCI=y
+CONFIG_AHCI_PCI=y
+CONFIG_BLK=y
+CONFIG_DFU_TFTP=y
+CONFIG_DFU_RAM=y
+CONFIG_DFU_MTD=y
+# CONFIG_MMC is not set
+CONFIG_MTD=y
+CONFIG_DM_MTD=y
+CONFIG_MTD_NOR_FLASH=y
+CONFIG_FLASH_CFI_DRIVER=y
+CONFIG_CFI_FLASH=y
+CONFIG_SYS_FLASH_USE_BUFFER_WRITE=y
+CONFIG_FLASH_CFI_MTD=y
+CONFIG_SYS_FLASH_CFI=y
+CONFIG_DM_ETH=y
+CONFIG_E1000=y
+CONFIG_NVME=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_PCIE_ECAM_GENERIC=y
+CONFIG_SCSI=y
+CONFIG_DM_SCSI=y
+CONFIG_SYSRESET=y
+CONFIG_SYSRESET_PSCI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_USB_EHCI_HCD=y
+CONFIG_USB_EHCI_PCI=y
+CONFIG_EFI_LOAD_FILE2_INITRD=y
+CONFIG_EFI_INITRD_FILESPEC="virtio 1:1 ledge-initramfs.rootfs.cpio.gz"
+CONFIG_EFI_SECURE_BOOT=y
+CONFIG_SYS_TEXT_BASE=0x60000000
+CONFIG_HAVE_SYS_TEXT_BASE=y
diff --git a/recipes-bsp/u-boot/u-boot-ledge/ledge-ti-am572x_defconfig b/recipes-bsp/u-boot/u-boot-ledge/ledge-ti-am572x_defconfig
new file mode 100644
index 0000000..896a85a
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/ledge-ti-am572x_defconfig
@@ -0,0 +1,125 @@
+CONFIG_ARM=y
+CONFIG_ARCH_OMAP2PLUS=y
+CONFIG_TI_COMMON_CMD_OPTIONS=y
+CONFIG_SYS_MALLOC_F_LEN=0x2000
+CONFIG_NR_DRAM_BANKS=2
+CONFIG_SYS_SPI_U_BOOT_OFFS=0x40000
+CONFIG_DM_GPIO=y
+CONFIG_SPL_DM_SPI=y
+CONFIG_SPL_TEXT_BASE=0x40300000
+CONFIG_OMAP54XX=y
+CONFIG_TARGET_AM57XX_EVM=y
+CONFIG_SPL=y
+CONFIG_ENV_OFFSET_REDUND=0x280000
+CONFIG_SPL_SPI_FLASH_SUPPORT=y
+CONFIG_SPL_SPI_SUPPORT=y
+CONFIG_ARMV7_LPAE=y
+CONFIG_DEFAULT_DEVICE_TREE="am572x-idk"
+CONFIG_AHCI=y
+CONFIG_DISTRO_DEFAULTS=y
+CONFIG_SPL_LOAD_FIT=y
+# CONFIG_USE_SPL_FIT_GENERATOR is not set
+CONFIG_OF_BOARD_SETUP=y
+CONFIG_SD_BOOT=y
+CONFIG_USE_BOOTARGS=y
+CONFIG_BOOTARGS="androidboot.serialno=${serial#} console=ttyS2,115200 androidboot.console=ttyS2 androidboot.hardware=beagle_x15board"
+CONFIG_BOOTCOMMAND="efidebug boot add 0000 'kernel' mmc 0:2 /efi/boot/bootarm.efi; efidebug boot order 0000; bootefi bootmgr"
+CONFIG_SYS_CONSOLE_INFO_QUIET=y
+CONFIG_BOARD_EARLY_INIT_F=y
+# CONFIG_MISC_INIT_R is not set
+CONFIG_AVB_VERIFY=y
+CONFIG_ANDROID_AB=y
+CONFIG_SPL_SYS_MALLOC_SIMPLE=y
+CONFIG_SPL_SEPARATE_BSS=y
+CONFIG_SPL_DMA=y
+# CONFIG_SPL_NAND_SUPPORT is not set
+CONFIG_SPL_DM_SPI_FLASH=y
+CONFIG_SPL_OS_BOOT=y
+CONFIG_SPL_SPI_LOAD=y
+CONFIG_SPL_YMODEM_SUPPORT=y
+CONFIG_CMD_ADTIMG=y
+CONFIG_CMD_ABOOTIMG=y
+CONFIG_CMD_SPL=y
+CONFIG_CMD_BCB=y
+# CONFIG_CMD_FLASH is not set
+# CONFIG_CMD_GPT is not set
+CONFIG_RANDOM_UUID=y
+# CONFIG_CMD_SETEXPR is not set
+CONFIG_CMD_AB_SELECT=y
+CONFIG_BOOTP_DNS2=y
+CONFIG_CMD_EFIDEBUG=y
+# CONFIG_CMD_PMIC is not set
+CONFIG_CMD_AVB=y
+CONFIG_PARTITION_TYPE_GUID=y
+CONFIG_OF_CONTROL=y
+CONFIG_SPL_OF_CONTROL=y
+CONFIG_OF_LIST="am57xx-beagle-x15 am57xx-beagle-x15-revb1 am57xx-beagle-x15-revc am5729-beagleboneai am572x-idk am571x-idk am574x-idk"
+CONFIG_ENV_OVERWRITE=y
+CONFIG_ENV_IS_IN_MMC=y
+CONFIG_SYS_REDUNDAND_ENVIRONMENT=y
+CONFIG_SYS_RELOC_GD_ENV_ADDR=y
+CONFIG_SYS_MMC_ENV_DEV=1
+CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y
+CONFIG_VERSION_VARIABLE=y
+CONFIG_BOOTP_SEND_HOSTNAME=y
+CONFIG_DM=y
+CONFIG_SPL_DM=y
+CONFIG_SPL_DM_SEQ_ALIAS=y
+CONFIG_SPL_REGMAP=y
+CONFIG_SPL_SYSCON=y
+CONFIG_SPL_OF_TRANSLATE=y
+CONFIG_DWC_AHCI=y
+CONFIG_CLK=y
+CONFIG_CLK_CDCE9XX=y
+CONFIG_DFU_MMC=y
+CONFIG_DFU_RAM=y
+CONFIG_DFU_SF=y
+CONFIG_USB_FUNCTION_FASTBOOT=y
+CONFIG_FASTBOOT_BUF_ADDR=0x82000000
+CONFIG_FASTBOOT_BUF_SIZE=0x2F000000
+CONFIG_FASTBOOT_USB_DEV=1
+CONFIG_FASTBOOT_FLASH=y
+CONFIG_FASTBOOT_FLASH_MMC_DEV=1
+CONFIG_DM_I2C=y
+CONFIG_MISC=y
+CONFIG_DM_MMC=y
+CONFIG_SUPPORT_EMMC_BOOT=y
+CONFIG_MMC_OMAP_HS=y
+CONFIG_MTD=y
+CONFIG_DM_SPI_FLASH=y
+CONFIG_SF_DEFAULT_MODE=0
+CONFIG_SF_DEFAULT_SPEED=76800000
+CONFIG_SPI_FLASH_SPANSION=y
+CONFIG_PHY_MICREL=y
+CONFIG_PHY_MICREL_KSZ90X1=y
+CONFIG_DM_ETH=y
+CONFIG_MII=y
+CONFIG_DRIVER_TI_CPSW=y
+CONFIG_PIPE3_PHY=y
+CONFIG_OMAP_USB2_PHY=y
+CONFIG_DM_PMIC=y
+CONFIG_PMIC_PALMAS=y
+CONFIG_DM_REGULATOR=y
+CONFIG_DM_REGULATOR_PALMAS=y
+CONFIG_DM_SCSI=y
+CONFIG_DM_SERIAL=y
+CONFIG_SPI=y
+CONFIG_DM_SPI=y
+CONFIG_TI_QSPI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_DM_USB_GADGET=y
+CONFIG_SPL_DM_USB_GADGET=y
+CONFIG_USB_XHCI_HCD=y
+CONFIG_USB_XHCI_DWC3=y
+CONFIG_USB_DWC3=y
+CONFIG_USB_DWC3_GENERIC=y
+CONFIG_USB_GADGET=y
+CONFIG_USB_GADGET_MANUFACTURER="Texas Instruments"
+CONFIG_USB_GADGET_VENDOR_NUM=0x0451
+CONFIG_USB_GADGET_PRODUCT_NUM=0xd022
+CONFIG_LIBAVB=y
+CONFIG_EFI_VARIABLES_PRESEED=y
+CONFIG_EFI_LOAD_FILE2_INITRD=y
+CONFIG_EFI_INITRD_FILESPEC="mmc 0:2 ledge-initramfs.rootfs.cpio.gz"
+CONFIG_EFI_SECURE_BOOT=y
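Review bot: `CONFIG_EFI_SECURE_BOOT=y` only governs images loaded through `bootefi`, while `CONFIG_SPL_OS_BOOT=y` keeps the Falcon-mode path in which SPL boots an OS image directly and never reaches U-Boot proper or the EFI chain; in addition neither `CONFIG_SPL_FIT_SIGNATURE` nor `CONFIG_FIT_SIGNATURE` is set, so the FIT loaded via `CONFIG_SPL_LOAD_FIT=y` is not verified by U-Boot (whether the SoC ROM covers that stage cannot be told from the defconfig). If Falcon mode is not used on this board, drop `CONFIG_SPL_OS_BOOT=y`; the QEMU defconfigs in this commit set `CONFIG_FIT_SIGNATURE=y`, and the same would be consistent here. `CONFIG_AVB_VERIFY`, `CONFIG_ANDROID_AB`, `CONFIG_CMD_AVB`, `CONFIG_CMD_AB_SELECT`, `CONFIG_LIBAVB` and the `androidboot.*` tokens in `CONFIG_BOOTARGS` appear to be inherited from the Android-oriented am57xx evm configuration and do nothing for the EFI boot command used here; removing them trims code that is only attack surface in this image.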
diff --git a/recipes-bsp/u-boot/u-boot-ledge/ledge_stm32mp157c_dk2_trusted_defconfig b/recipes-bsp/u-boot/u-boot-ledge/ledge_stm32mp157c_dk2_trusted_defconfig
new file mode 100644
index 0000000..3b76319
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/ledge_stm32mp157c_dk2_trusted_defconfig
@@ -0,0 +1,147 @@
+CONFIG_ARM=y
+CONFIG_ARCH_STM32MP=y
+CONFIG_TFABOOT=y
+CONFIG_SYS_MALLOC_F_LEN=0x3000
+CONFIG_SYS_MEMTEST_START=0xc0000000
+CONFIG_SYS_MEMTEST_END=0xc4000000
+CONFIG_ENV_OFFSET=0x280000
+CONFIG_ENV_SECT_SIZE=0x40000
+CONFIG_TARGET_ST_STM32MP15x=y
+CONFIG_CMD_STM32PROG=y
+CONFIG_TYPEC_STUSB160X=y
+CONFIG_ENV_OFFSET_REDUND=0x2C0000
+CONFIG_DEFAULT_DEVICE_TREE="stm32mp157c-dk2"
+CONFIG_DISTRO_DEFAULTS=y
+CONFIG_FIT=y
+CONFIG_USE_BOOTARGS=y
+CONFIG_BOOTARGS="console=ttySTM0,115200 rootwait root=PARTLABEL=rootfs"
+CONFIG_BOOTCOMMAND="run distro_bootcmd"
+CONFIG_SYS_PROMPT="STM32MP> "
+CONFIG_CMD_ADTIMG=y
+CONFIG_CMD_ERASEENV=y
+CONFIG_CMD_NVEDIT_EFI=y
+CONFIG_CMD_MEMINFO=y
+CONFIG_CMD_MEMTEST=y
+CONFIG_CMD_ADC=y
+CONFIG_CMD_CLK=y
+CONFIG_CMD_DFU=y
+CONFIG_CMD_FUSE=y
+CONFIG_CMD_GPIO=y
+CONFIG_CMD_I2C=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_REMOTEPROC=y
+CONFIG_CMD_SPI=y
+CONFIG_CMD_USB=y
+CONFIG_CMD_USB_MASS_STORAGE=y
+CONFIG_CMD_BMP=y
+CONFIG_CMD_CACHE=y
+CONFIG_CMD_EFIDEBUG=y
+CONFIG_CMD_TIME=y
+CONFIG_CMD_TIMER=y
+CONFIG_CMD_PMIC=y
+CONFIG_CMD_REGULATOR=y
+CONFIG_CMD_EXT4_WRITE=y
+CONFIG_CMD_MTDPARTS=y
+CONFIG_CMD_UBI=y
+CONFIG_ENV_IS_NOWHERE=y
+CONFIG_ENV_IS_IN_MMC=y
+CONFIG_ENV_IS_IN_SPI_FLASH=y
+CONFIG_ENV_IS_IN_UBI=y
+CONFIG_SYS_REDUNDAND_ENVIRONMENT=y
+CONFIG_ENV_UBI_PART="UBI"
+CONFIG_ENV_UBI_VOLUME="uboot_config"
+CONFIG_ENV_UBI_VOLUME_REDUND="uboot_config_r"
+CONFIG_SYS_RELOC_GD_ENV_ADDR=y
+CONFIG_STM32_ADC=y
+CONFIG_SET_DFU_ALT_INFO=y
+CONFIG_USB_FUNCTION_FASTBOOT=y
+CONFIG_FASTBOOT_BUF_ADDR=0xC0000000
+CONFIG_FASTBOOT_BUF_SIZE=0x02000000
+CONFIG_FASTBOOT_USB_DEV=1
+CONFIG_FASTBOOT_FLASH=y
+CONFIG_FASTBOOT_FLASH_MMC_DEV=1
+CONFIG_GPIO_HOG=y
+CONFIG_DM_HWSPINLOCK=y
+CONFIG_HWSPINLOCK_STM32=y
+CONFIG_DM_I2C=y
+CONFIG_SYS_I2C_STM32F7=y
+CONFIG_LED=y
+CONFIG_LED_GPIO=y
+CONFIG_DM_MAILBOX=y
+CONFIG_STM32_IPCC=y
+CONFIG_STM32_FMC2_EBI=y
+CONFIG_DM_MMC=y
+CONFIG_SUPPORT_EMMC_BOOT=y
+CONFIG_STM32_SDMMC2=y
+CONFIG_MTD=y
+CONFIG_DM_MTD=y
+CONFIG_SYS_MTDPARTS_RUNTIME=y
+CONFIG_MTD_RAW_NAND=y
+CONFIG_NAND_STM32_FMC2=y
+CONFIG_MTD_SPI_NAND=y
+CONFIG_DM_SPI_FLASH=y
+CONFIG_SPI_FLASH_MACRONIX=y
+CONFIG_SPI_FLASH_SPANSION=y
+CONFIG_SPI_FLASH_STMICRO=y
+CONFIG_SPI_FLASH_WINBOND=y
+# CONFIG_SPI_FLASH_USE_4K_SECTORS is not set
+CONFIG_SPI_FLASH_MTD=y
+CONFIG_PHY_REALTEK=y
+CONFIG_DM_ETH=y
+CONFIG_DWC_ETH_QOS=y
+CONFIG_PHY=y
+CONFIG_PHY_STM32_USBPHYC=y
+CONFIG_PINCONF=y
+CONFIG_PINCTRL_STMFX=y
+CONFIG_DM_PMIC=y
+CONFIG_PMIC_STPMIC1=y
+CONFIG_DM_REGULATOR=y
+CONFIG_DM_REGULATOR_FIXED=y
+CONFIG_DM_REGULATOR_GPIO=y
+CONFIG_DM_REGULATOR_STM32_VREFBUF=y
+CONFIG_DM_REGULATOR_STPMIC1=y
+CONFIG_REMOTEPROC_STM32_COPRO=y
+CONFIG_DM_RNG=y
+CONFIG_RNG_STM32MP1=y
+CONFIG_DM_RTC=y
+CONFIG_RTC_STM32=y
+CONFIG_SERIAL_RX_BUFFER=y
+CONFIG_SPI=y
+CONFIG_DM_SPI=y
+CONFIG_STM32_QSPI=y
+CONFIG_STM32_SPI=y
+CONFIG_TEE=y
+CONFIG_OPTEE=y
+# CONFIG_OPTEE_TA_AVB is not set
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_DM_USB_GADGET=y
+CONFIG_USB_EHCI_HCD=y
+CONFIG_USB_EHCI_GENERIC=y
+CONFIG_USB_GADGET=y
+CONFIG_USB_GADGET_MANUFACTURER="STMicroelectronics"
+CONFIG_USB_GADGET_VENDOR_NUM=0x0483
+CONFIG_USB_GADGET_PRODUCT_NUM=0x5720
+CONFIG_USB_GADGET_DWC2_OTG=y
+CONFIG_DM_VIDEO=y
+CONFIG_BACKLIGHT_GPIO=y
+CONFIG_VIDEO_LCD_ORISETECH_OTM8009A=y
+CONFIG_VIDEO_LCD_RAYDIUM_RM68200=y
+CONFIG_VIDEO_STM32=y
+CONFIG_VIDEO_STM32_DSI=y
+CONFIG_VIDEO_STM32_MAX_XRES=1280
+CONFIG_VIDEO_STM32_MAX_YRES=800
+CONFIG_VIDEO_BMP_RLE8=y
+CONFIG_BMP_16BPP=y
+CONFIG_BMP_24BPP=y
+CONFIG_BMP_32BPP=y
+CONFIG_WDT=y
+CONFIG_WDT_STM32MP=y
+CONFIG_ERRNO_STR=y
+# CONFIG_HEXDUMP is not set
+CONFIG_FDT_FIXUP_PARTITIONS=y
+CONFIG_EFI_VARIABLES_PRESEED=y
+CONFIG_EFI_SET_TIME=y
+CONFIG_EFI_LOAD_FILE2_INITRD=y
+CONFIG_EFI_INITRD_FILESPEC="mmc 0:7 ledge-initramfs.rootfs.cpio.gz"
+CONFIG_EFI_SECURE_BOOT=y
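Review bot: `CONFIG_BOOTCOMMAND="run distro_bootcmd"` with `CONFIG_DISTRO_DEFAULTS=y` tries the legacy distro paths (extlinux and `boot.scr` scripts) on every scanned medium before the EFI boot manager, and `CONFIG_EFI_SECURE_BOOT=y` only verifies what is loaded through `bootefi`; with no `CONFIG_FIT_SIGNATURE` set, an unsigned script or kernel on any attached medium is still bootable, so the Secure Boot option does not constrain what actually boots. The other boards in this commit pin the boot path with `efidebug boot add …; bootefi bootmgr`; using the same form here (or narrowing `boot_targets`) would make the configuration match its intent. `CONFIG_CMD_FUSE=y`, `CONFIG_CMD_ERASEENV=y` and `CONFIG_CMD_STM32PROG=y` are also left enabled on the console; if the board is meant to be locked down they deserve a deliberate decision rather than inheriting the ST development defaults.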
diff --git a/recipes-bsp/u-boot/u-boot-ledge/ubootefi.var b/recipes-bsp/u-boot/u-boot-ledge/ubootefi.var
new file mode 100644
index 0000000..8cd5e18
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-ledge/ubootefi.var
Binary files differ
diff --git a/recipes-security/optee/optee-os/0001-HACK-enable-pl011-and-secure-flash.patch b/recipes-security/optee/optee-os/0001-HACK-enable-pl011-and-secure-flash.patch
new file mode 100644
index 0000000..93fd55d
--- /dev/null
+++ b/recipes-security/optee/optee-os/0001-HACK-enable-pl011-and-secure-flash.patch
@@ -0,0 +1,126 @@
+From f736ea3b9de7a82d0c6cbba2cc32bda0777c3d1b Mon Sep 17 00:00:00 2001
+From: Sughosh Ganu <sughosh.ganu@linaro.org>
+Date: Wed, 20 Jan 2021 16:59:37 +0530
+Subject: [PATCH 1/2] HACK: enable pl011 and secure flash
+
+- the pl011 qemu device is mapped in the StMM S1
+ - pa set to 0x9040000
+
+- the secure flash device is mapped in the StMM S1
+ - pa 0x500000 with size 0x200000
+
+- Increase the heap size alloted to StandaloneMm to 698 pages. Memory
+ allocation with the current value fails
+
+Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
+---
+ core/arch/arm/kernel/stmm_sp.c | 79 +++++++++++++++++++++++++++++++++-
+ 1 file changed, 78 insertions(+), 1 deletion(-)
+
+diff --git a/core/arch/arm/kernel/stmm_sp.c b/core/arch/arm/kernel/stmm_sp.c
+index 895d7df2..5addf06a 100644
+--- a/core/arch/arm/kernel/stmm_sp.c
++++ b/core/arch/arm/kernel/stmm_sp.c
+@@ -67,7 +67,7 @@ static const uint16_t mem_mgr_id = 3U;
+ static const uint16_t ffa_storage_id = 4U;
+
+ static const unsigned int stmm_stack_size = 4 * SMALL_PAGE_SIZE;
+-static const unsigned int stmm_heap_size = 398 * SMALL_PAGE_SIZE;
++static const unsigned int stmm_heap_size = 698 * SMALL_PAGE_SIZE;
+ static const unsigned int stmm_sec_buf_size = SMALL_PAGE_SIZE;
+ static const unsigned int stmm_ns_comm_buf_size = SMALL_PAGE_SIZE;
+
+@@ -214,6 +214,81 @@ static void uncompress_image(void *dst, size_t dst_size, void *src,
+ panic("inflateEnd");
+ }
+
++static TEE_Result alloc_and_map_io(struct stmm_ctx *spc, paddr_t pa,
++ size_t sz, uint32_t prot, vaddr_t *va,
++ size_t pad_begin, size_t pad_end)
++{
++ struct mobj *mobj;
++ TEE_Result res = TEE_SUCCESS;
++
++ sz = ROUNDUP(sz, SMALL_PAGE_SIZE);
++ mobj = mobj_phys_alloc(pa, sz, TEE_MATTR_CACHE_NONCACHE,
++ CORE_MEM_TA_RAM);
++ if (!mobj)
++ return TEE_ERROR_OUT_OF_MEMORY;
++
++ res = vm_map_pad(&spc->uctx, va, sz, prot, 0, mobj, 0, pad_begin,
++ pad_end, 0);
++ if (res)
++ mobj_put(mobj);
++
++ return res;
++}
++
++static TEE_Result alloc_SDP_io(struct stmm_ctx *spc, paddr_t pa,
++ size_t sz, uint32_t prot, vaddr_t *va,
++ size_t pad_begin, size_t pad_end,
++ size_t align)
++{
++ struct mobj *mobj;
++ TEE_Result res = TEE_SUCCESS;
++ *va = 0x0;
++
++ sz = ROUNDUP(sz, SMALL_PAGE_SIZE);
++ mobj = mobj_phys_alloc(pa, sz, 0, CORE_MEM_SDP_MEM);
++
++ if (!mobj)
++ return TEE_ERROR_OUT_OF_MEMORY;
++
++ res = vm_map_pad(&spc->uctx, va, 0x200000,
++ TEE_MATTR_URW | TEE_MATTR_PRW, 0, mobj,
++ 0, pad_begin, pad_end, align);
++
++ if (res != TEE_SUCCESS) {
++ EMSG("failed to set S1 mapping PA %#lX <-> VA %#lX \n",pa, *va);
++ return TEE_ERROR_OUT_OF_MEMORY;
++ }
++
++ return TEE_SUCCESS;
++}
++
++static TEE_Result hack_map_qemu_pl011(struct stmm_ctx *spc)
++{
++ TEE_Result res;
++ vaddr_t uart_va = 0;
++ res = alloc_and_map_io(spc, 0x09040000, 0x00001000,
++ TEE_MATTR_URW | TEE_MATTR_PRW,
++ &uart_va, 0, 0);
++ if (res) {
++ EMSG("failed to alloc_and_map uart");
++ return res;
++ }
++ EMSG("------------------------------uart va=%#"PRIxVA, uart_va);
++
++ // start variable space at 0x500000
++ res = alloc_SDP_io(spc, 0x500000, 0x200000,
++ TEE_MATTR_URW | TEE_MATTR_PRW,
++ &uart_va, 0, 0, 0x40000);
++ if (res) {
++ EMSG("failed to alloc_and_map secure flash");
++ return res;
++ }
++
++ EMSG("------------------------------secure flash va=%#"PRIxVA, uart_va);
++
++ return res;
++}
++
+ static TEE_Result load_stmm(struct stmm_ctx *spc)
+ {
+ struct stmm_boot_info *boot_info = NULL;
+@@ -278,6 +353,8 @@ static TEE_Result load_stmm(struct stmm_ctx *spc)
+
+ DMSG("stmm load address %#"PRIxVA, image_addr);
+
++ hack_map_qemu_pl011(spc);
++
+ boot_info = (struct stmm_boot_info *)sec_buf_addr;
+ mp_info = (struct stmm_mp_info *)(boot_info + 1);
+ *boot_info = (struct stmm_boot_info){
+--
+2.17.1
+
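Review bot: The result of `hack_map_qemu_pl011(spc);` added in `load_stmm` is discarded, so when either mapping fails StMM is still started and the failure is only visible as an `EMSG`; propagate it like the other steps in that function, `res = hack_map_qemu_pl011(spc); if (res) return res;` (`load_stmm` continues outside the hunk, so the right cleanup to jump to is not visible here). In `alloc_SDP_io` the `sz` and `prot` parameters are accepted, and `sz` even rounded up, but `vm_map_pad` is called with the literal `0x200000` and `TEE_MATTR_URW | TEE_MATTR_PRW`, which makes the call site's arguments misleading — pass `sz` and `prot`. The same function leaks `mobj` when `vm_map_pad` fails, unlike `alloc_and_map_io` directly above it which calls `mobj_put(mobj)`, and it returns `TEE_ERROR_OUT_OF_MEMORY` instead of the actual `res`. The `EMSG("------…")` banners are debugging output and would fit better as `DMSG`, given the secure-world log is otherwise kept at a fixed level.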
diff --git a/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch b/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch
new file mode 100644
index 0000000..28ef89f
--- /dev/null
+++ b/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch
@@ -0,0 +1,31 @@
+From 5cab209fc753311d5953c649d00c844191dd84bf Mon Sep 17 00:00:00 2001
+From: Christophe Priouzeau <christophe.priouzeau@st.com>
+Date: Mon, 31 Aug 2020 16:48:44 +0200
+Subject: [PATCH] allow-setting-sysroot-for-libgcc-lookup
+
+---
+ mk/gcc.mk | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/mk/gcc.mk b/mk/gcc.mk
+index adc77a24..81bfa78a 100644
+--- a/mk/gcc.mk
++++ b/mk/gcc.mk
+@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \
+ -print-file-name=include 2> /dev/null)
+
+ # Get location of libgcc from gcc
+-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
++libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
+ -print-libgcc-file-name 2> /dev/null)
+-libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
++libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
+ -print-file-name=libstdc++.a 2> /dev/null)
+-libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
++libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
+ -print-file-name=libgcc_eh.a 2> /dev/null)
+
+ # Define these to something to discover accidental use
+--
+2.17.1
+
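Review bot: `LIBGCC_LOCATE_CFLAGS` is referenced in the three `$(shell …)` lines but never declared in mk/gcc.mk, so a build with `--warn-undefined-variables` warns and a reader gets no hint that it is an externally supplied `--sysroot=`-style flag; add `LIBGCC_LOCATE_CFLAGS ?=` next to the `# Get location of libgcc from gcc` comment with a one-line comment such as `# Extra flags (e.g. --sysroot=...) used only when asking the compiler where libgcc lives`. The patch also carries no description or Signed-off-by trailer, unlike the other patches in this commit.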
diff --git a/recipes-security/optee/optee-os/0002-core-Allow-mobj_phys-to-allocate-IO-regions.patch b/recipes-security/optee/optee-os/0002-core-Allow-mobj_phys-to-allocate-IO-regions.patch
new file mode 100644
index 0000000..365caad
--- /dev/null
+++ b/recipes-security/optee/optee-os/0002-core-Allow-mobj_phys-to-allocate-IO-regions.patch
@@ -0,0 +1,52 @@
+From 5f1dc306a77f8ed94ec4775c3d78fec743c9f185 Mon Sep 17 00:00:00 2001
+From: Pipat Methavanitpong <pipat.methavanitpong@linaro.org>
+Date: Mon, 3 Feb 2020 15:25:09 +0900
+Subject: [PATCH 2/2] core: Allow mobj_phys to allocate IO regions
+
+This commit makes mobj_phys to allocate IO regions.
+It distinguishes between memory and IO allocation requests by
+using `battr` and `cattr` parameters. If `battr` is `CORE_MEM_TA_RAM`
+and `cattr` is `TEE_NATTR_CACHE_NONCACHE`, then it is an IO allocation
+request.
+
+Signed-off-by: Pipat Methavanitpong <pipat1010@gmail.com>
+Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
+---
+ core/arch/arm/mm/mobj.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/core/arch/arm/mm/mobj.c b/core/arch/arm/mm/mobj.c
+index 7a129cf5..1ab96f3d 100644
+--- a/core/arch/arm/mm/mobj.c
++++ b/core/arch/arm/mm/mobj.c
+@@ -147,7 +147,10 @@ struct mobj *mobj_phys_alloc(paddr_t pa, size_t size, uint32_t cattr,
+ area_type = MEM_AREA_TEE_RAM_RW_DATA;
+ break;
+ case CORE_MEM_TA_RAM:
+- area_type = MEM_AREA_TA_RAM;
++ if (cattr == TEE_MATTR_CACHE_NONCACHE)
++ area_type = MEM_AREA_IO_NSEC;
++ else
++ area_type = MEM_AREA_TA_RAM;
+ break;
+ case CORE_MEM_NSEC_SHM:
+ area_type = MEM_AREA_NSEC_SHM;
+@@ -161,9 +164,13 @@ struct mobj *mobj_phys_alloc(paddr_t pa, size_t size, uint32_t cattr,
+ }
+
+ /* Only SDP memory may not have a virtual address */
+- va = phys_to_virt(pa, area_type);
+- if (!va && battr != CORE_MEM_SDP_MEM)
++ if (area_type == MEM_AREA_IO_SEC || area_type == MEM_AREA_IO_NSEC)
++ va = phys_to_virt_io(pa);
++ else
++ va = phys_to_virt(pa, area_type);
++ if (!va && battr != CORE_MEM_SDP_MEM) {
+ return NULL;
++ }
+
+ moph = calloc(1, sizeof(*moph));
+ if (!moph)
+--
+2.17.1
+
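Review bot: The new `CORE_MEM_TA_RAM` branch uses a cache attribute as the IO discriminator, so any caller asking for non-cached TA RAM now silently gets a `MEM_AREA_IO_NSEC` mapping and a `phys_to_virt_io()` translation while its `battr` argument still says TA RAM; a dedicated `CORE_MEM_*` value for IO, documented at the enum, would make the intent explicit and keep the TA-RAM meaning intact for existing callers. Whether any range check tied to `battr` elsewhere in `mobj_phys_alloc` still applies to the IO case is not visible in the hunk and should be confirmed before the mapping is trusted. The commit message names `TEE_NATTR_CACHE_NONCACHE` while the code uses `TEE_MATTR_CACHE_NONCACHE`. The braces added around the single `return NULL;` in the second hunk are a style change unrelated to the fix.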
diff --git a/recipes-security/optee/optee-os/3ffb8563-ee28-4047-a7cd-d0e038aa6230.fd b/recipes-security/optee/optee-os/3ffb8563-ee28-4047-a7cd-d0e038aa6230.fd
new file mode 100644
index 0000000..f4e99ab
--- /dev/null
+++ b/recipes-security/optee/optee-os/3ffb8563-ee28-4047-a7cd-d0e038aa6230.fd
Binary files differ
diff --git a/recipes-security/optee/optee-os/arm32_bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf b/recipes-security/optee/optee-os/arm32_bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf
new file mode 100755
index 0000000..f5353e3
--- /dev/null
+++ b/recipes-security/optee/optee-os/arm32_bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf
Binary files differ
diff --git a/recipes-security/optee/optee-os/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf b/recipes-security/optee/optee-os/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf
new file mode 100755
index 0000000..eac93b2
--- /dev/null
+++ b/recipes-security/optee/optee-os/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf
Binary files differ
diff --git a/recipes-security/optee/optee-os_git.bbappend b/recipes-security/optee/optee-os_git.bbappend
new file mode 100644
index 0000000..83981c8
--- /dev/null
+++ b/recipes-security/optee/optee-os_git.bbappend
@@ -0,0 +1,81 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+# 3.9
+LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173"
+PV="3.12"
+SRCREV = "3d47a131bca1d9ed511bfd516aa5e70269e12c1d"
+
+DEPENDS += "dtc-native"
+DEPENDS += "python3-pyelftools-native dtc-native python3-pycryptodomex-native python3-pycrypto-native"
+
+SRC_URI_append_ledge-qemuarm = " file://arm32_bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf "
+
+SRC_URI_append_ledge-qemuarm64 = " file://bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf "
+SRC_URI_append_ledge-qemuarm64 = " file://3ffb8563-ee28-4047-a7cd-d0e038aa6230.fd "
+SRC_URI_append_ledge-qemuarm64 = " file://0001-HACK-enable-pl011-and-secure-flash.patch \
+ file://0002-core-Allow-mobj_phys-to-allocate-IO-regions.patch \
+ "
+
+inherit python3native
+
+# ledge-ti-am572x
+OPTEEMACHINE_ledge-ti-am572x = "ti-am57xx"
+OPTEEOUTPUTMACHINE_ledge-ti-am572x = "ti"
+
+EXTRA_OEMAKE_remove_ledge-ti-am572x = "CFG_ARM64_core=y"
+EXTRA_OEMAKE_remove_ledge-ti-am572x = "ta-targets=ta_arm64"
+EXTRA_OEMAKE_append_ledge-ti-am572x = " CFG_ARM32_core=y ta-targets=ta_arm32 "
+EXTRA_OEMAKE_append_ledge-ti-am572x = " CROSS_COMPILE_ta_arm32=${HOST_PREFIX} CROSS_COMPILE=${CROSS_COMPILE} "
+
+EXTRA_OEMAKE_remove_armv7a = "CFG_ARM64_core=y"
+EXTRA_OEMAKE_remove_armv7a = "ta-targets=ta_arm64"
+EXTRA_OEMAKE_append_armv7a = " CFG_ARM32_core=y ta-targets=ta_arm32 "
+EXTRA_OEMAKE_append_armv7a = " CROSS_COMPILE_ta_arm32=${HOST_PREFIX} CROSS_COMPILE=${CROSS_COMPILE} "
+
+# ledge-stm32mp157c-dk2
+OPTEEMACHINE_ledge-stm32mp157c-dk2 = "stm32mp1"
+OPTEEOUTPUTMACHINE_ledge-stm32mp157c-dk2 = "stm32mp1"
+EXTRA_OEMAKE_append_ledge-stm32mp157c-dk2 = " CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-dk2.dts "
+
+# add traces at startup
+EXTRA_OEMAKE_append = " CFG_TEE_CORE_DEBUG=n CFG_TEE_CORE_LOG_LEVEL=2 "
+
+OPTEE_ARCH_armv7a = "arm32"
+OPTEE_ARCH_armv7ve = "arm32"
+
+FTPM_UUID="bc50d971-d4c9-42c4-82cb-343fb7f37896"
+STMM_UUID="3ffb8563-ee28-4047-a7cd-d0e038aa6230"
+EXTRA_OEMAKE_append_ledge-qemuarm='CFG_EARLY_TA=y EARLY_TA_PATHS="./${FTPM_UUID}.stripped.elf"'
+
+EXTRA_OEMAKE_append_ledge-qemuarm64='CFG_EARLY_TA=y EARLY_TA_PATHS="../${FTPM_UUID}.stripped.elf"'
+EXTRA_OEMAKE_append_ledge-qemuarm64=' CFG_STMM_PATH="../${STMM_UUID}.fd"'
+EXTRA_OEMAKE_append_ledge-qemuarm64=' CFG_CORE_HEAP_SIZE=524288 CFG_TEE_CORE_LOG_LEVEL=3 DEBUG=1'
+
+do_configure_append_ledge-qemuarm() {
+ cp ../arm32_${FTPM_UUID}.stripped.elf ${FTPM_UUID}.stripped.elf
+}
+
+do_configure_append_ledge-qemuarm64() {
+ cp ../${FTPM_UUID}.stripped.elf ${FTPM_UUID}.stripped.elf
+}
+
+do_install_append_ledge-stm32mp157c-dk2() {
+ # install optee bianries with stm32 images
+ install -m 644 ${B}/out/arm-plat-${OPTEEOUTPUTMACHINE}/core/*.stm32 ${D}${nonarch_base_libdir}/firmware/
+}
+
+do_deploy_append_ledge-qemuarm() {
+ cd ${DEPLOYDIR}
+ ln -sf optee/tee-header_v2.bin bl32.bin
+ ln -sf optee/tee-pager_v2.bin bl32_extra1.bin
+ ln -sf optee/tee-pageable_v2.bin bl32_extra2.bin
+ cd -
+}
+
+do_deploy_append_ledge-qemuarm64() {
+ cd ${DEPLOYDIR}
+ ln -sf optee/tee-header_v2.bin bl32.bin
+ ln -sf optee/tee-pager_v2.bin bl32_extra1.bin
+ ln -sf optee/tee-pageable_v2.bin bl32_extra2.bin
+ cd -
+}
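Review bot: `EXTRA_OEMAKE_append_ledge-qemuarm='CFG_EARLY_TA=y …'` and `EXTRA_OEMAKE_append_ledge-qemuarm64='CFG_EARLY_TA=y …'` have no leading space inside the quotes, so they separate from the preceding token only because the generic `EXTRA_OEMAKE_append = " … CFG_TEE_CORE_LOG_LEVEL=2 "` above happens to end with a space; write `EXTRA_OEMAKE_append_ledge-qemuarm = ' CFG_EARLY_TA=y EARLY_TA_PATHS="./${FTPM_UUID}.stripped.elf"'` and likewise for the qemuarm64 line, as the neighbouring appends already do. The qemuarm64 append also sets `CFG_TEE_CORE_LOG_LEVEL=3 DEBUG=1`, overriding the `CFG_TEE_CORE_DEBUG=n CFG_TEE_CORE_LOG_LEVEL=2` chosen for all machines a few lines earlier and producing a debug build of the secure world; if that is intentional for the QEMU target, a comment saying so would help. `DEPENDS` lists `dtc-native` twice. The early TAs and StMM image are shipped as prebuilt `*.stripped.elf` / `*.fd` binaries with no record of the source revision or build flags they came from; a comment or README noting their provenance would let them be reproduced and audited.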