subtree updates

meta-security: b9bc938785..1856a7cf43:
  Armin Kuster (1):
        scap-security-guide: update to 0.1.69+

  Lei Maohui (2):
        paxctl: Fix do_package QA Issue.
        ccs-tools: Fix do_package QA Issue.

  Martin Jansa (1):
        layer.conf: update LAYERSERIES_COMPAT for nanbield

  Yi Zhao (1):
        scap-security-guide: pass the correct cpe/schemas/xsl paths to oscap

meta-arm: 992c07f7c0..bd0953cc60:
  Abdellatif El Khlifi (1):
        arm-bsp/u-boot: corstone1000: detect the kernel size automatically

  Anusmita Dutta Mazumder (5):
        arm-bsp/u-boot: corstone1000: add unique firmware GUID
        arm-bsp/trusted-firmware-m: corstone1000: add unique firmware GUID
        arm-bsp/scp-firmware: Update N1SDP scp-firmware version
        arm-bsp/n1sdp: Enable tests with pseudo trusted application
        CI: Build custom image for N1SDP optee-xtest

  Delane Brandy (1):
        arm-bsp/corstone1000: mmc2-enablement

  Emekcan Aras (2):
        arm-bsp/trusted-firmware-a: corstone1000: Update TF-A v2.9
        arm-bsp/optee-os: corstone1000: Update optee-os v3.22

  Javier Tia (1):
        optee-client: Add path condition to tee-supplicant.service

  Jon Mason (14):
        arm/trusted-firmware-a: update to 2.9.0
        arm-bsp/juno: update kernel to 6.4
        arm/linux-yocto: change defconfig patch for 6.4
        arm/hafnium: update to v2.8
        arm/linux-yocto: update kernel patches
        arm/trusted-services: add SRCREV_FORMAT
        arm-bsp/tc1: update optee
        arm-bsp/fvp-baser-aemv8r64: update u-boot to 2023.01
        arm-bsp/corstone500: upgrade u-boot to the latest
        arm-bsp/corstone500: removal of support
        arm: patch clean-ups
        arm/edk2: update to 202305 version
        arm/sbsa-acs: update to v7.1.2
        arm-bsp/trusted-firmware-a: remove unneeded patches

  Mariam Elshakfy (2):
        arm-bsp/trusted-firmware-a: Update TF-A version for N1SDP
        arm-bsp/n1sdp: Update edk2-firmware version for N1SDP to 202305

  Ross Burton (3):
        kas/: pass through DISPLAY from environment
        Remove explicit SRCPV
        arm-bsp/external-system: set PACKAGE_ARCH as this is machine-specific

meta-raspberrypi: 5e2f79a6fa..6501ec892c:
  Andrei Gherzan (2):
        ci: Add usrmerge to distro features
        docs: Fix documentation theme

  Sangmo Kang (1):
        omxplayer: fix an error caused by new srcrev fetcher API

Change-Id: Ibfc1e039975c1d20358c861af19fc8538125118e
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
index 8b09ab0..18649ce 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
@@ -9,11 +9,12 @@
                     file://cmsis/LICENSE.txt;md5=e3fc50a88d0a364313df4b21ef20c29e"
 
 SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master \
-           file://race.patch"
+           file://0001-tools-gen_module_code-atomically-rewrite-the-generat.patch"
 SRCREV = "8c9dca74b104ff6c9722fb0738ba93dd3719c080"
-PV .= "+git${SRCPV}"
+PV .= "+git"
 
 COMPATIBLE_MACHINE = "(corstone1000)"
+PACKAGE_ARCH = "${MACHINE_ARCH}"
 
 # PRODUCT is passed to the Makefile to specify the platform to be used.
 PRODUCT = "corstone-1000"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/0001-tools-gen_module_code-atomically-rewrite-the-generat.patch
similarity index 91%
rename from meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/0001-tools-gen_module_code-atomically-rewrite-the-generat.patch
index c6bc4f2..70087ff 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/0001-tools-gen_module_code-atomically-rewrite-the-generat.patch
@@ -1,11 +1,11 @@
-Upstream-Status: Submitted [https://gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx/-/issues/1]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 34e1c04534607f5605255f39fb46e26261fc9c4e Mon Sep 17 00:00:00 2001
+From fa5ed6204f9188134a87ac9dd569e1496759a7f6 Mon Sep 17 00:00:00 2001
 From: Ross Burton <ross.burton@arm.com>
 Date: Tue, 8 Sep 2020 11:49:08 +0100
 Subject: [PATCH] tools/gen_module_code: atomically rewrite the generated files
 
+Upstream-Status: Submitted [https://gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx/-/issues/1]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
 The gen_module rule in rules.mk is marked as .PHONY, so make will
 execute it whenever it is mentioned. This results in gen_module_code
 being executed 64 times for a Juno build.
@@ -21,12 +21,13 @@
 
 Change-Id: I82d44f9ea6537a91002e1f80de8861d208571630
 Signed-off-by: Ross Burton <ross.burton@arm.com>
+
 ---
  tools/gen_module_code.py | 19 ++++++++++++++-----
  1 file changed, 14 insertions(+), 5 deletions(-)
 
 diff --git a/tools/gen_module_code.py b/tools/gen_module_code.py
-index 7b3953845..ee099b713 100755
+index 6bf50e0..92623a7 100755
 --- a/tools/gen_module_code.py
 +++ b/tools/gen_module_code.py
 @@ -17,6 +17,7 @@
@@ -37,7 +38,7 @@
  
  DEFAULT_PATH = 'build/'
  
-@@ -53,13 +54,21 @@
+@@ -55,13 +56,21 @@ TEMPLATE_C = "/* This file was auto generated using {} */\n" \
  
  def generate_file(path, filename, content):
      full_filename = os.path.join(path, filename)
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch
index a9a839e..9ae4b39 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch
@@ -1,4 +1,4 @@
-From f526797b83113cc64e3e658c22d8a5d269896a2a Mon Sep 17 00:00:00 2001
+From 3bc797e097ef2b29acf36560e4d2bfeec31f8d81 Mon Sep 17 00:00:00 2001
 From: Ben Horgan <ben.horgan@arm.com>
 Date: Fri, 4 Mar 2022 16:48:14 +0000
 Subject: [PATCH] feat: emulate cntp timer register accesses using cnthps
@@ -19,7 +19,7 @@
  create mode 100644 src/arch/aarch64/hypervisor/timer_el1.h
 
 diff --git a/Makefile b/Makefile
-index 95cab9a5..21cca938 100644
+index 95cab9a56bfd..21cca938531d 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -60,7 +60,8 @@ CHECKPATCH := $(CURDIR)/third_party/linux/scripts/checkpatch.pl \
@@ -33,7 +33,7 @@
  OUT ?= out/$(PROJECT)
  OUT_DIR = out/$(PROJECT)
 diff --git a/src/arch/aarch64/hypervisor/BUILD.gn b/src/arch/aarch64/hypervisor/BUILD.gn
-index 6068d1e8..de1a414d 100644
+index 6068d1e8f075..de1a414dac68 100644
 --- a/src/arch/aarch64/hypervisor/BUILD.gn
 +++ b/src/arch/aarch64/hypervisor/BUILD.gn
 @@ -45,6 +45,7 @@ source_set("hypervisor") {
@@ -45,7 +45,7 @@
    ]
  
 diff --git a/src/arch/aarch64/hypervisor/cpu.c b/src/arch/aarch64/hypervisor/cpu.c
-index bcf5ffce..d2df77d8 100644
+index 5e025b596674..edd5df134cfc 100644
 --- a/src/arch/aarch64/hypervisor/cpu.c
 +++ b/src/arch/aarch64/hypervisor/cpu.c
 @@ -98,13 +98,20 @@ void arch_regs_reset(struct vcpu *vcpu)
@@ -72,7 +72,7 @@
  	}
  
 diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
-index 4bd8a3b4..4c1b6e48 100644
+index 3422ff7b8265..c495df40f3f5 100644
 --- a/src/arch/aarch64/hypervisor/handler.c
 +++ b/src/arch/aarch64/hypervisor/handler.c
 @@ -34,6 +34,7 @@
@@ -83,8 +83,8 @@
  
  /**
   * Hypervisor Fault Address Register Non-Secure.
-@@ -1277,6 +1278,11 @@ void handle_system_register_access(uintreg_t esr_el2)
- 			inject_el1_unknown_exception(vcpu, esr_el2);
+@@ -1295,6 +1296,11 @@ void handle_system_register_access(uintreg_t esr_el2)
+ 			inject_el1_sysreg_trap_exception(vcpu, esr_el2);
  			return;
  		}
 +	} else if (timer_el1_is_register_access(esr_el2)) {
@@ -93,11 +93,11 @@
 +			return;
 +		}
  	} else {
- 		inject_el1_unknown_exception(vcpu, esr_el2);
+ 		inject_el1_sysreg_trap_exception(vcpu, esr_el2);
  		return;
 diff --git a/src/arch/aarch64/hypervisor/timer_el1.c b/src/arch/aarch64/hypervisor/timer_el1.c
 new file mode 100644
-index 00000000..c30e5543
+index 000000000000..c30e5543f436
 --- /dev/null
 +++ b/src/arch/aarch64/hypervisor/timer_el1.c
 @@ -0,0 +1,104 @@
@@ -207,7 +207,7 @@
 +}
 diff --git a/src/arch/aarch64/hypervisor/timer_el1.h b/src/arch/aarch64/hypervisor/timer_el1.h
 new file mode 100644
-index 00000000..04a43b6c
+index 000000000000..04a43b6ca335
 --- /dev/null
 +++ b/src/arch/aarch64/hypervisor/timer_el1.h
 @@ -0,0 +1,20 @@
@@ -232,10 +232,10 @@
 +bool timer_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
 +			      uintreg_t esr);
 diff --git a/src/arch/aarch64/msr.h b/src/arch/aarch64/msr.h
-index cd6778b4..55e78330 100644
+index 6edc39f2af48..bf1a66d1d4c5 100644
 --- a/src/arch/aarch64/msr.h
 +++ b/src/arch/aarch64/msr.h
-@@ -126,3 +126,11 @@
+@@ -131,3 +131,11 @@
  #define MSR_ELR_EL12 S3_5_C4_C0_1
  
  #endif
@@ -247,4 +247,3 @@
 +#define MSR_CNTHPS_CTL_EL2 S3_4_C14_C5_1
 +#define MSR_CNTHPS_CVAL_EL2 S3_4_C14_C5_2
 +#define MSR_CNTHPS_TVAL_EL2 S3_4_C14_C5_0
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
similarity index 80%
rename from meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
index 9960f65..9627a76 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
@@ -11,21 +11,22 @@
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/BUILD.gn b/BUILD.gn
-index 62ba763..f26ce03 100644
+index cc6a78f4fdb8..acd1f9d1634b 100644
 --- a/BUILD.gn
 +++ b/BUILD.gn
-@@ -238,7 +238,6 @@ aarch64_toolchains("secure_tc") {
-   heap_pages = 120
+@@ -245,7 +245,6 @@ aarch64_toolchains("secure_tc") {
+   heap_pages = 180
    max_cpus = 8
    max_vms = 16
 -  branch_protection = "standard"
    toolchain_args = {
      plat_ffa = "//src/arch/aarch64/plat/ffa:spmc"
      plat_psci = "//src/arch/aarch64/plat/psci:spmc"
-@@ -247,5 +246,6 @@ aarch64_toolchains("secure_tc") {
+@@ -254,6 +253,7 @@ aarch64_toolchains("secure_tc") {
      secure_world = "1"
      pl011_base_address = "0x7ff80000"
      enable_mte = "1"
 +    enable_vhe = "1"
+     plat_log_level = "LOG_LEVEL_INFO"
    }
  }
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-tc-increase-heap-pages.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-tc-increase-heap-pages.patch
deleted file mode 100644
index fa35efc..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-tc-increase-heap-pages.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 613dea068fa546956717ce0b60328e39d451f661 Mon Sep 17 00:00:00 2001
-From: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
-Date: Fri, 29 Apr 2022 20:07:50 +0100
-Subject: [PATCH] tc: increase heap pages
-
-Upstream-Status: Pending
-Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
----
- BUILD.gn | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/BUILD.gn b/BUILD.gn
-index 6b9b383..62ba763 100644
---- a/BUILD.gn
-+++ b/BUILD.gn
-@@ -235,7 +235,7 @@ aarch64_toolchains("secure_tc") {
-   gicd_base_address = "0x30000000"
-   gicr_base_address = "0x30080000"
-   gicr_frames = 8
--  heap_pages = 60
-+  heap_pages = 120
-   max_cpus = 8
-   max_vms = 16
-   branch_protection = "standard"
--- 
-2.30.2
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch
index d9ec6e2..3e67615 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch
@@ -1,4 +1,4 @@
-From 97a8ca1835f5d9512dacda497540d5523e56c7dd Mon Sep 17 00:00:00 2001
+From 9f5b07e30c82713b9598ea60d9f802bd419b560f Mon Sep 17 00:00:00 2001
 From: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
 Date: Tue, 26 Apr 2022 14:43:58 +0100
 Subject: [PATCH] feat: emulate interrupt controller register access
@@ -16,10 +16,10 @@
  4 files changed, 97 insertions(+)
 
 diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
-index 4c1b6e48..cd5146bd 100644
+index c495df40f3f5..13578fc99670 100644
 --- a/src/arch/aarch64/hypervisor/handler.c
 +++ b/src/arch/aarch64/hypervisor/handler.c
-@@ -1283,6 +1283,11 @@ void handle_system_register_access(uintreg_t esr_el2)
+@@ -1301,6 +1301,11 @@ void handle_system_register_access(uintreg_t esr_el2)
  			inject_el1_unknown_exception(vcpu, esr_el2);
  			return;
  		}
@@ -29,10 +29,10 @@
 +			return;
 +		}
  	} else {
- 		inject_el1_unknown_exception(vcpu, esr_el2);
+ 		inject_el1_sysreg_trap_exception(vcpu, esr_el2);
  		return;
 diff --git a/src/arch/aarch64/hypervisor/perfmon.c b/src/arch/aarch64/hypervisor/perfmon.c
-index f13b0354..05e216c8 100644
+index f13b035480d8..05e216c84c2e 100644
 --- a/src/arch/aarch64/hypervisor/perfmon.c
 +++ b/src/arch/aarch64/hypervisor/perfmon.c
 @@ -116,6 +116,10 @@
@@ -131,7 +131,7 @@
 +	return true;
 +}
 diff --git a/src/arch/aarch64/hypervisor/perfmon.h b/src/arch/aarch64/hypervisor/perfmon.h
-index 81669ba1..c90d45bf 100644
+index 81669ba1c401..c90d45bfc239 100644
 --- a/src/arch/aarch64/hypervisor/perfmon.h
 +++ b/src/arch/aarch64/hypervisor/perfmon.h
 @@ -70,3 +70,8 @@ bool perfmon_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
@@ -144,14 +144,13 @@
 +bool intr_ctrl_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
 +				  uintreg_t esr);
 diff --git a/src/arch/aarch64/msr.h b/src/arch/aarch64/msr.h
-index 55e78330..82aa8846 100644
+index bf1a66d1d4c5..b88a14b52f68 100644
 --- a/src/arch/aarch64/msr.h
 +++ b/src/arch/aarch64/msr.h
-@@ -134,3 +134,6 @@
+@@ -139,3 +139,6 @@
  #define MSR_CNTHPS_CTL_EL2 S3_4_C14_C5_1
  #define MSR_CNTHPS_CVAL_EL2 S3_4_C14_C5_2
  #define MSR_CNTHPS_TVAL_EL2 S3_4_C14_C5_0
 +
 +#define ICC_IGRPEN1_EL1 S3_0_C12_C12_7
 +#define ICC_SGI1R_EL1 S3_0_C12_C11_5
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-disable-alignment-check-for-EL0-partitions.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-disable-alignment-check-for-EL0-partitions.patch
deleted file mode 100644
index 5e620cf..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-disable-alignment-check-for-EL0-partitions.patch
+++ /dev/null
@@ -1,318 +0,0 @@
-From 1c4d28493faed6cf189c75fa91d19131e6a34e04 Mon Sep 17 00:00:00 2001
-From: Olivier Deprez <olivier.deprez@arm.com>
-Date: Mon, 8 Aug 2022 19:14:23 +0200
-Subject: [PATCH] feat: disable alignment check for EL0 partitions
-
-Relax hw alignment check specifically for (S-)EL0 partitions when
-Hafnium runs with VHE enabled. EL1 partitions have a specific control
-for EL1 and EL0 with respect to alignment check.
-Create a hyp_state structure (from already defined flying registers)
-within the vCPU context to hold the Hypervisor EL2 static configuration
-applied when a vCPU runs. This state is switched back and forth when
-running the Hypervisor or the VM.
-Add SCTLR_EL2 to this context. An EL0 partition context is initialized
-with SCTLR_EL2.A=0 such that alignment check is disabled when EL0 runs
-in the EL2&0 translation regime. SCTLR_EL2.A is set back when returning
-to the Hypervisor such that Hypervisor execution runs with aligment
-check enabled at EL2.
-Remove HCR_EL2 saving from vCPU exit path provided this register state
-is static and doesn't change while a vCPU runs.
-The rationale for such change is to permit running upstream SW stacks
-such as the EDKII/StandaloneMm [1] for which default build assumes
-unaligned accesses are permitted. Similar query exists for running
-Trusted Services on top of Hafnium [2].
-
-[1] https://github.com/tianocore/edk2/tree/master/StandaloneMmPkg
-[2] https://trusted-services.readthedocs.io/en/integration/
-
-Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
-Change-Id: I2906f4c712425fcfb31adbf89e2e3b9ca293f181
-Upstream-Status: Submitted [https://review.trustedfirmware.org/c/hafnium/hafnium/+/16195]
----
- src/arch/aarch64/hypervisor/cpu.c        |  9 ++++---
- src/arch/aarch64/hypervisor/exceptions.S | 32 ++++++++++++++++--------
- src/arch/aarch64/hypervisor/feature_id.c |  6 ++---
- src/arch/aarch64/hypervisor/handler.c    | 18 +++++++------
- src/arch/aarch64/inc/hf/arch/types.h     |  9 +++++--
- src/arch/aarch64/mm.c                    |  2 +-
- src/arch/aarch64/sysregs.c               | 11 ++++++--
- src/arch/aarch64/sysregs.h               |  2 +-
- 8 files changed, 59 insertions(+), 30 deletions(-)
-
-diff --git a/src/arch/aarch64/hypervisor/cpu.c b/src/arch/aarch64/hypervisor/cpu.c
-index d2df77d8..a000159b 100644
---- a/src/arch/aarch64/hypervisor/cpu.c
-+++ b/src/arch/aarch64/hypervisor/cpu.c
-@@ -115,7 +115,9 @@ void arch_regs_reset(struct vcpu *vcpu)
- 		}
- 	}
- 
--	r->hcr_el2 = get_hcr_el2_value(vm_id, vcpu->vm->el0_partition);
-+	r->hyp_state.hcr_el2 =
-+		get_hcr_el2_value(vm_id, vcpu->vm->el0_partition);
-+	r->hyp_state.sctlr_el2 = get_sctlr_el2_value(vcpu->vm->el0_partition);
- 	r->lazy.cnthctl_el2 = cnthctl;
- 	if (vcpu->vm->el0_partition) {
- 		CHECK(has_vhe_support());
-@@ -125,10 +127,11 @@ void arch_regs_reset(struct vcpu *vcpu)
- 		 * are ignored and treated as 0. There is no need to mask the
- 		 * VMID (used as asid) to only 8 bits.
- 		 */
--		r->ttbr0_el2 = pa_addr(table) | ((uint64_t)vm_id << 48);
-+		r->hyp_state.ttbr0_el2 =
-+			pa_addr(table) | ((uint64_t)vm_id << 48);
- 		r->spsr = PSR_PE_MODE_EL0T;
- 	} else {
--		r->ttbr0_el2 = read_msr(ttbr0_el2);
-+		r->hyp_state.ttbr0_el2 = read_msr(ttbr0_el2);
- 		r->lazy.vtcr_el2 = arch_mm_get_vtcr_el2();
- 		r->lazy.vttbr_el2 = pa_addr(table) | ((uint64_t)vm_id << 48);
- #if SECURE_WORLD == 1
-diff --git a/src/arch/aarch64/hypervisor/exceptions.S b/src/arch/aarch64/hypervisor/exceptions.S
-index 539e196d..d3732f86 100644
---- a/src/arch/aarch64/hypervisor/exceptions.S
-+++ b/src/arch/aarch64/hypervisor/exceptions.S
-@@ -20,6 +20,9 @@
- #define ID_AA64PFR0_SVE_SHIFT (32)
- #define ID_AA64PFR0_SVE_LENGTH (4)
- 
-+#define SCTLR_EL2_A_SHIFT	(1)
-+#define HCR_EL2_TGE_SHIFT	(27)
-+
- /**
-  * Saves the volatile registers into the register buffer of the current vCPU.
-  */
-@@ -51,8 +54,6 @@
- 	mrs x1, elr_el2
- 	mrs x2, spsr_el2
- 	stp x1, x2, [x18, #VCPU_REGS + 8 * 31]
--	mrs x1, hcr_el2
--	str x1, [x18, #VCPU_REGS + 8 * 33]
- .endm
- 
- /**
-@@ -871,12 +872,13 @@ vcpu_restore_volatile_and_run:
- 	msr elr_el2, x1
- 	msr spsr_el2, x2
- 
--	ldr x1, [x0, #VCPU_REGS + 8 * 33]
-+	ldp x1, x2, [x0, #VCPU_REGS + 8 * 33]
- 	msr hcr_el2, x1
-+	msr ttbr0_el2, x2
- 	isb
- 
--	ldr x1, [x0, #VCPU_REGS + 8 * 34]
--	msr ttbr0_el2, x1
-+	ldr x1, [x0, #VCPU_REGS + 8 * 35]
-+	msr sctlr_el2, x1
- 	isb
- 
- 	/* Restore x0..x3, which we have used as scratch before. */
-@@ -886,15 +888,17 @@ vcpu_restore_volatile_and_run:
- 
- #if ENABLE_VHE
- enable_vhe_tge:
-+	mrs x0, id_aa64mmfr1_el1
-+	tst x0, #0xf00
-+	b.eq 1f
-+
- 	/**
- 	 * Switch to host mode ({E2H, TGE} = {1,1}) when VHE is enabled.
- 	 * Note that E2H is always set when VHE is enabled.
- 	 */
--	mrs x0, id_aa64mmfr1_el1
--	tst x0, #0xf00
--	b.eq 1f
--	orr x1, x1, #(1 << 27)
--	msr hcr_el2, x1
-+	mrs x0, hcr_el2
-+	orr x0, x0, #(1 << HCR_EL2_TGE_SHIFT)
-+	msr hcr_el2, x0
- 	isb
- 
- 	/**
-@@ -905,6 +909,14 @@ enable_vhe_tge:
- 	ldr x0, [x0]
- 	msr ttbr0_el2, x0
- 	isb
-+
-+	/**
-+	 * Enable alignment check while Hypervisor runs.
-+	 */
-+	mrs x0, sctlr_el2
-+	orr x0, x0, #(1 << SCTLR_EL2_A_SHIFT)
-+	msr sctlr_el2, x0
-+	isb
- 1:
- 	ret
- #endif
-diff --git a/src/arch/aarch64/hypervisor/feature_id.c b/src/arch/aarch64/hypervisor/feature_id.c
-index ed3bf8f1..57f32627 100644
---- a/src/arch/aarch64/hypervisor/feature_id.c
-+++ b/src/arch/aarch64/hypervisor/feature_id.c
-@@ -175,7 +175,7 @@ void feature_set_traps(struct vm *vm, struct arch_regs *regs)
- 		~(ID_AA64MMFR1_EL1_VH_MASK << ID_AA64MMFR1_EL1_VH_SHIFT);
- 
- 	if (features & HF_FEATURE_RAS) {
--		regs->hcr_el2 |= HCR_EL2_TERR;
-+		regs->hyp_state.hcr_el2 |= HCR_EL2_TERR;
- 		vm->arch.tid3_masks.id_aa64mmfr1_el1 &=
- 			~ID_AA64MMFR1_EL1_SPEC_SEI;
- 		vm->arch.tid3_masks.id_aa64pfr0_el1 &= ~ID_AA64PFR0_EL1_RAS;
-@@ -221,14 +221,14 @@ void feature_set_traps(struct vm *vm, struct arch_regs *regs)
- 	}
- 
- 	if (features & HF_FEATURE_LOR) {
--		regs->hcr_el2 |= HCR_EL2_TLOR;
-+		regs->hyp_state.hcr_el2 |= HCR_EL2_TLOR;
- 
- 		vm->arch.tid3_masks.id_aa64mmfr1_el1 &= ~ID_AA64MMFR1_EL1_LO;
- 	}
- 
- 	if (features & HF_FEATURE_PAUTH) {
- 		/* APK and API bits *enable* trapping when cleared. */
--		regs->hcr_el2 &= ~(HCR_EL2_APK | HCR_EL2_API);
-+		regs->hyp_state.hcr_el2 &= ~(HCR_EL2_APK | HCR_EL2_API);
- 
- 		vm->arch.tid3_masks.id_aa64isar1_el1 &= ~ID_AA64ISAR1_EL1_GPI;
- 		vm->arch.tid3_masks.id_aa64isar1_el1 &= ~ID_AA64ISAR1_EL1_GPA;
-diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
-index cd5146bd..8a3d6289 100644
---- a/src/arch/aarch64/hypervisor/handler.c
-+++ b/src/arch/aarch64/hypervisor/handler.c
-@@ -272,9 +272,9 @@ noreturn void sync_current_exception_noreturn(uintreg_t elr, uintreg_t spsr)
- static void set_virtual_irq(struct arch_regs *r, bool enable)
- {
- 	if (enable) {
--		r->hcr_el2 |= HCR_EL2_VI;
-+		r->hyp_state.hcr_el2 |= HCR_EL2_VI;
- 	} else {
--		r->hcr_el2 &= ~HCR_EL2_VI;
-+		r->hyp_state.hcr_el2 &= ~HCR_EL2_VI;
- 	}
- }
- 
-@@ -283,14 +283,15 @@ static void set_virtual_irq(struct arch_regs *r, bool enable)
-  */
- static void set_virtual_irq_current(bool enable)
- {
--	uintreg_t hcr_el2 = current()->regs.hcr_el2;
-+	struct vcpu *vcpu = current();
-+	uintreg_t hcr_el2 = vcpu->regs.hyp_state.hcr_el2;
- 
- 	if (enable) {
- 		hcr_el2 |= HCR_EL2_VI;
- 	} else {
- 		hcr_el2 &= ~HCR_EL2_VI;
- 	}
--	current()->regs.hcr_el2 = hcr_el2;
-+	vcpu->regs.hyp_state.hcr_el2 = hcr_el2;
- }
- 
- /**
-@@ -300,9 +301,9 @@ static void set_virtual_irq_current(bool enable)
- static void set_virtual_fiq(struct arch_regs *r, bool enable)
- {
- 	if (enable) {
--		r->hcr_el2 |= HCR_EL2_VF;
-+		r->hyp_state.hcr_el2 |= HCR_EL2_VF;
- 	} else {
--		r->hcr_el2 &= ~HCR_EL2_VF;
-+		r->hyp_state.hcr_el2 &= ~HCR_EL2_VF;
- 	}
- }
- 
-@@ -311,14 +312,15 @@ static void set_virtual_fiq(struct arch_regs *r, bool enable)
-  */
- static void set_virtual_fiq_current(bool enable)
- {
--	uintreg_t hcr_el2 = current()->regs.hcr_el2;
-+	struct vcpu *vcpu = current();
-+	uintreg_t hcr_el2 = vcpu->regs.hyp_state.hcr_el2;
- 
- 	if (enable) {
- 		hcr_el2 |= HCR_EL2_VF;
- 	} else {
- 		hcr_el2 &= ~HCR_EL2_VF;
- 	}
--	current()->regs.hcr_el2 = hcr_el2;
-+	vcpu->regs.hyp_state.hcr_el2 = hcr_el2;
- }
- 
- #if SECURE_WORLD == 1
-diff --git a/src/arch/aarch64/inc/hf/arch/types.h b/src/arch/aarch64/inc/hf/arch/types.h
-index 6379d73e..6b8b24f1 100644
---- a/src/arch/aarch64/inc/hf/arch/types.h
-+++ b/src/arch/aarch64/inc/hf/arch/types.h
-@@ -79,8 +79,13 @@ struct arch_regs {
- 	uintreg_t r[NUM_GP_REGS];
- 	uintreg_t pc;
- 	uintreg_t spsr;
--	uintreg_t hcr_el2;
--	uintreg_t ttbr0_el2;
-+
-+	/* Hypervisor configuration while a vCPU runs. */
-+	struct {
-+		uintreg_t hcr_el2;
-+		uintreg_t ttbr0_el2;
-+		uintreg_t sctlr_el2;
-+	} hyp_state;
- 
- 	/*
- 	 * System registers.
-diff --git a/src/arch/aarch64/mm.c b/src/arch/aarch64/mm.c
-index 8ee65ca0..487ae353 100644
---- a/src/arch/aarch64/mm.c
-+++ b/src/arch/aarch64/mm.c
-@@ -886,7 +886,7 @@ bool arch_mm_init(paddr_t table)
- #endif
- 				    (0xff << (8 * STAGE1_NORMALINDX)),
- 
--		.sctlr_el2 = get_sctlr_el2_value(),
-+		.sctlr_el2 = get_sctlr_el2_value(false),
- 		.vstcr_el2 = (1U << 31) |	    /* RES1. */
- 			     (0 << 30) |	    /* SA. */
- 			     (0 << 29) |	    /* SW. */
-diff --git a/src/arch/aarch64/sysregs.c b/src/arch/aarch64/sysregs.c
-index e8c154b1..087ba4ed 100644
---- a/src/arch/aarch64/sysregs.c
-+++ b/src/arch/aarch64/sysregs.c
-@@ -159,7 +159,7 @@ uintreg_t get_cptr_el2_value(void)
- /**
-  * Returns the value for SCTLR_EL2 for the CPU.
-  */
--uintreg_t get_sctlr_el2_value(void)
-+uintreg_t get_sctlr_el2_value(bool is_el0_partition)
- {
- 	uintreg_t sctlr_el2_value = 0;
- 
-@@ -173,7 +173,14 @@ uintreg_t get_sctlr_el2_value(void)
- 
- 	/* MMU-related bits. */
- 	sctlr_el2_value |= SCTLR_EL2_M;
--	sctlr_el2_value |= SCTLR_EL2_A;
-+
-+	/*
-+	 * Alignment check enabled, but in the case of an EL0 partition
-+	 * with VHE enabled.
-+	 */
-+	if (!(has_vhe_support() && is_el0_partition)) {
-+		sctlr_el2_value |= SCTLR_EL2_A;
-+	}
- 	sctlr_el2_value |= SCTLR_EL2_C;
- 	sctlr_el2_value |= SCTLR_EL2_SA;
- 	sctlr_el2_value |= SCTLR_EL2_I;
-diff --git a/src/arch/aarch64/sysregs.h b/src/arch/aarch64/sysregs.h
-index babd2375..6fdab58e 100644
---- a/src/arch/aarch64/sysregs.h
-+++ b/src/arch/aarch64/sysregs.h
-@@ -668,7 +668,7 @@ uintreg_t get_mdcr_el2_value(void);
- 
- uintreg_t get_cptr_el2_value(void);
- 
--uintreg_t get_sctlr_el2_value(void);
-+uintreg_t get_sctlr_el2_value(bool is_el0_partition);
- 
- /**
-  * Branch Target Identification mechanism support in AArch64 state.
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0004-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch
similarity index 90%
rename from meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0004-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch
index cfa7cfb..cd19f63 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0004-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch
@@ -1,4 +1,4 @@
-From 4b59905d2fec01cc17038b1c167b4e57e7835adf Mon Sep 17 00:00:00 2001
+From 41f3ff2f011da69ff81234769353955e51c7e588 Mon Sep 17 00:00:00 2001
 From: Davidson K <davidson.kumaresan@arm.com>
 Date: Thu, 7 Oct 2021 12:20:08 +0530
 Subject: [PATCH] feat(vhe): set STAGE1_NS while mapping memory from NWd to SWd
@@ -17,10 +17,10 @@
  1 file changed, 12 insertions(+)
 
 diff --git a/src/ffa_memory.c b/src/ffa_memory.c
-index 048cca9c..8910cc79 100644
+index 5826cb2fdd4b..bae677633dea 100644
 --- a/src/ffa_memory.c
 +++ b/src/ffa_memory.c
-@@ -2483,6 +2483,18 @@ struct ffa_value ffa_memory_retrieve(struct vm_locked to_locked,
+@@ -2618,6 +2618,18 @@ struct ffa_value ffa_memory_retrieve(struct vm_locked to_locked,
  
  	memory_to_attributes = ffa_memory_permissions_to_mode(
  		permissions, share_state->sender_orig_mode);
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc
index 433d561..09de6f1 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc
@@ -3,21 +3,13 @@
 COMPATIBLE_MACHINE = "(tc?)"
 HAFNIUM_PLATFORM = "secure_tc"
 
-# Intermediate SHA with 2.7 baseline version
-SRCREV = "dd0561820946fe23bcd57cc129140437f72102a5"
-PV = "2.7+git${SRCPV}"
-
 FILESEXTRAPATHS:prepend:tc := "${THISDIR}/files/tc:"
 
-SRC_URI:remove = "file://0003-Fix-build-with-clang-15.patch"
-
 SRC_URI:append = " \
         file://0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch \
         file://0002-feat-emulate-interrupt-controller-register-access.patch \
-        file://0003-feat-disable-alignment-check-for-EL0-partitions.patch \
-        file://0004-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch \
-        file://0001-tc-increase-heap-pages.patch;patchdir=project/reference \
-        file://0002-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch;patchdir=project/reference \
+        file://0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch \
+        file://0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch;patchdir=project/reference \
         "
 
 do_compile() {
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/n1sdp-board-firmware_2022.06.22.bb b/meta-arm/meta-arm-bsp/recipes-bsp/images/n1sdp-board-firmware_2022.06.22.bb
index 6a27f02..1b502e5 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/images/n1sdp-board-firmware_2022.06.22.bb
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/n1sdp-board-firmware_2022.06.22.bb
@@ -14,7 +14,7 @@
 SRC_URI = "git://git.gitlab.arm.com/arm-reference-solutions/board-firmware.git;protocol=https;branch=n1sdp"
 
 SRCREV = "70ba494265eee76747faff38264860c19e214540"
-PV .= "+git${SRCPV}"
+PV .= "+git"
 
 S = "${WORKDIR}/git"
 
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-n1sdp.inc
index c89b132..41d8f44 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-n1sdp.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-n1sdp.inc
@@ -13,6 +13,9 @@
 EXTRA_OECMAKE:append = " \
     -DSCP_N1SDP_SENSOR_LIB_PATH=${RECIPE_SYSROOT}/n1sdp-board-firmware_source/LIB/sensor.a \
 "
+# scp-firmware version aligning to Arm Reference Solutions N1SDP-2023.06.22 Release
+SRCREV = "543ae8ca3c9e38da3058311118fa3ceef1da47f7"
+PV .= "+git"
 
 do_install:append() {
    fiptool \
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0001-Fix-FF-A-version-in-SPMC-manifest.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0001-Fix-FF-A-version-in-SPMC-manifest.patch
index 016de8d..6d5114e 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0001-Fix-FF-A-version-in-SPMC-manifest.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0001-Fix-FF-A-version-in-SPMC-manifest.patch
@@ -1,7 +1,4 @@
-Upstream-Status: Inappropriate
-Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
-
-From a31aee0988ef64724ec5866f10709f51f8cb3237 Mon Sep 17 00:00:00 2001
+From adaa22bc2f529bb34e9d4fe89ff5c65f0c83ca0c Mon Sep 17 00:00:00 2001
 From: emeara01 <emekcan.aras@arm.com>
 Date: Wed, 11 May 2022 14:37:06 +0100
 Subject: [PATCH] Fix FF-A version in SPMC manifest
@@ -11,13 +8,14 @@
 This patch will not be upstreamed and will be dropped once
 OPTEE version is updated for Corstone1000.
 
+Upstream-Status: Inappropriate
 Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
 ---
  .../corstone1000/common/fdts/corstone1000_spmc_manifest.dts     | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts b/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
-index 8e49ab83f..5baa1b115 100644
+index 8e49ab83f76a..5baa1b115b2e 100644
 --- a/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
 +++ b/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
 @@ -20,7 +20,7 @@
@@ -29,6 +27,3 @@
  		exec_state = <0x0>;
  		load_address = <0x0 0x2002000>;
  		entrypoint = <0x0 0x2002000>;
--- 
-2.17.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch
index d834e95..e26fd34 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch
@@ -1,4 +1,4 @@
-From 360aa32846a97e775750e06865d462c6258179fa Mon Sep 17 00:00:00 2001
+From fa7ab9b40babee29d2aadb267dfce7a96f8989d4 Mon Sep 17 00:00:00 2001
 From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
 Date: Mon, 9 Jan 2023 13:59:06 +0000
 Subject: [PATCH] feat(corstone1000): bl2 loads fip based on metadata
@@ -15,7 +15,6 @@
 
 Upstream-Status: Pending
 Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
-
 ---
  bl2/bl2_main.c                                |  4 +++
  .../corstone1000/common/corstone1000_plat.c   | 32 ++++++-------------
@@ -25,10 +24,10 @@
  5 files changed, 24 insertions(+), 32 deletions(-)
 
 diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
-index 5da803795..f25dc3029 100644
+index ce83692e0ebc..1a9febc007b2 100644
 --- a/bl2/bl2_main.c
 +++ b/bl2/bl2_main.c
-@@ -86,6 +86,10 @@ void bl2_main(void)
+@@ -87,6 +87,10 @@ void bl2_main(void)
  	/* Perform remaining generic architectural setup in S-EL1 */
  	bl2_arch_setup();
  
@@ -40,7 +39,7 @@
  	fwu_init();
  #endif /* PSA_FWU_SUPPORT */
 diff --git a/plat/arm/board/corstone1000/common/corstone1000_plat.c b/plat/arm/board/corstone1000/common/corstone1000_plat.c
-index 0235f8b84..7f9708a82 100644
+index 0235f8b8474c..7f9708a82489 100644
 --- a/plat/arm/board/corstone1000/common/corstone1000_plat.c
 +++ b/plat/arm/board/corstone1000/common/corstone1000_plat.c
 @@ -33,36 +33,17 @@ const mmap_region_t plat_arm_mmap[] = {
@@ -98,7 +97,7 @@
   * is no power control present
   */
 diff --git a/plat/arm/board/corstone1000/common/include/platform_def.h b/plat/arm/board/corstone1000/common/include/platform_def.h
-index 584d485f3..0bfab05a4 100644
+index 584d485f3ea7..0bfab05a482b 100644
 --- a/plat/arm/board/corstone1000/common/include/platform_def.h
 +++ b/plat/arm/board/corstone1000/common/include/platform_def.h
 @@ -173,16 +173,16 @@
@@ -125,10 +124,10 @@
  /*
   * Some data must be aligned on the biggest cache line size in the platform.
 diff --git a/tools/cert_create/Makefile b/tools/cert_create/Makefile
-index ca548b836..32b5486a0 100644
+index 042e844626bd..45b76a022f91 100644
 --- a/tools/cert_create/Makefile
 +++ b/tools/cert_create/Makefile
-@@ -69,8 +69,8 @@ INC_DIR += -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include
+@@ -78,8 +78,8 @@ INC_DIR += -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include
  # directory. However, for a local build of OpenSSL, the built binaries are
  # located under the main project directory (i.e.: ${OPENSSL_DIR}, not
  # ${OPENSSL_DIR}/lib/).
@@ -140,10 +139,10 @@
  HOSTCC ?= gcc
  
 diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile
-index e6aeba95b..7c047479e 100644
+index 2ebee33931ba..dcfd314bee89 100644
 --- a/tools/fiptool/Makefile
 +++ b/tools/fiptool/Makefile
-@@ -29,7 +29,7 @@ endif
+@@ -39,7 +39,7 @@ HOSTCCFLAGS += -DUSING_OPENSSL3=$(USING_OPENSSL3)
  # directory. However, for a local build of OpenSSL, the built binaries are
  # located under the main project directory (i.e.: ${OPENSSL_DIR}, not
  # ${OPENSSL_DIR}/lib/).
@@ -152,7 +151,7 @@
  
  ifeq (${V},0)
    Q := @
-@@ -37,7 +37,7 @@ else
+@@ -47,7 +47,7 @@ else
    Q :=
  endif
  
@@ -161,6 +160,3 @@
  
  HOSTCC ?= gcc
  
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0004-fix-corstone1000-add-cpuhelper-to-makefile.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0004-fix-corstone1000-add-cpuhelper-to-makefile.patch
new file mode 100644
index 0000000..6ddde10
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0004-fix-corstone1000-add-cpuhelper-to-makefile.patch
@@ -0,0 +1,28 @@
+From 33078d8ef143e8c79f06399de46dd26e1d53a220 Mon Sep 17 00:00:00 2001
+From: Gauri Sahnan <Gauri.Sahnan@arm.com>
+Date: Tue, 8 Aug 2023 17:16:51 +0100
+Subject: fix(corstone1000): add cpuhelpers to makefile
+
+Adds cpu_helpers.S to the Makefile to align with the changes in new
+trusted-firmware-a version.
+
+Signed-off-by: Gauri Sahnan <Gauri.Sahnan@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ plat/arm/board/corstone1000/platform.mk | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/plat/arm/board/corstone1000/platform.mk b/plat/arm/board/corstone1000/platform.mk
+index 3edffe087..079e9d6c1 100644
+--- a/plat/arm/board/corstone1000/platform.mk
++++ b/plat/arm/board/corstone1000/platform.mk
+@@ -43,6 +43,7 @@ BL2_SOURCES		+=	plat/arm/board/corstone1000/common/corstone1000_security.c		\
+ 				plat/arm/board/corstone1000/common/corstone1000_err.c		\
+ 				plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c	\
+ 				lib/utils/mem_region.c					\
++				lib/cpus/aarch64/cpu_helpers.S \
+ 				plat/arm/board/corstone1000/common/corstone1000_helpers.S		\
+ 				plat/arm/board/corstone1000/common/corstone1000_plat.c		\
+ 				plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c \
+-- 
+2.25.1
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/rwx-segments.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/rwx-segments.patch
new file mode 100644
index 0000000..a4518ec
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/rwx-segments.patch
@@ -0,0 +1,38 @@
+Binutils 2.39 now warns when a segment has RXW permissions[1]:
+
+aarch64-none-elf-ld.bfd: warning: bl31.elf has a LOAD segment with RWX
+permissions
+
+However, TF-A passes --fatal-warnings to LD, so this is a build failure.
+
+There is a ticket filed upstream[2], so until that is resolved just
+remove --fatal-warnings.
+
+[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
+[2] https://developer.trustedfirmware.org/T996
+
+Upstream-Status: Inappropriate
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git a/Makefile b/Makefile
+index 3941f8698..13bbac348 100644
+--- a/Makefile
++++ b/Makefile
+@@ -418,7 +418,7 @@ TF_LDFLAGS		+=	$(TF_LDFLAGS_$(ARCH))
+ # LD = gcc (used when GCC LTO is enabled)
+ else ifneq ($(findstring gcc,$(notdir $(LD))),)
+ # Pass ld options with Wl or Xlinker switches
+-TF_LDFLAGS		+=	-Wl,--fatal-warnings -O1
++TF_LDFLAGS		+=	-O1
+ TF_LDFLAGS		+=	-Wl,--gc-sections
+ ifeq ($(ENABLE_LTO),1)
+ 	ifeq (${ARCH},aarch64)
+@@ -435,7 +435,7 @@ TF_LDFLAGS		+=	$(subst --,-Xlinker --,$(TF_LDFLAGS_$(ARCH)))
+ 
+ # LD = gcc-ld (ld) or llvm-ld (ld.lld) or other
+ else
+-TF_LDFLAGS		+=	--fatal-warnings -O1
++TF_LDFLAGS		+=	-O1
+ TF_LDFLAGS		+=	--gc-sections
+ # ld.lld doesn't recognize the errata flags,
+ # therefore don't add those in that case
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/tf-a-tests-no-warn-rwx-segments.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/tf-a-tests-no-warn-rwx-segments.patch
new file mode 100644
index 0000000..5d02e35
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/tf-a-tests-no-warn-rwx-segments.patch
@@ -0,0 +1,26 @@
+Binutils 2.39 now warns when a segment has RXW permissions[1]:
+
+aarch64-poky-linux-musl-ld: tftf.elf has a LOAD segment with RWX permissions
+
+There is a ticket filed upstream[2], so until that is resolved just
+disable the warning
+
+[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
+[2] https://developer.trustedfirmware.org/T996
+
+Upstream-Status: Inappropriate
+Signed-off-by: Anton Antonov <anrton.antonov@arm.com>
+
+diff --git a/Makefile b/Makefile
+index 6d0774e1..be3f84ce 100644
+--- a/Makefile
++++ b/Makefile
+@@ -238,7 +238,7 @@ TFTF_SOURCES		:= ${FRAMEWORK_SOURCES}	${TESTS_SOURCES} ${PLAT_SOURCES} ${LIBC_SR
+ TFTF_INCLUDES		+= ${PLAT_INCLUDES}
+ TFTF_CFLAGS		+= ${COMMON_CFLAGS}
+ TFTF_ASFLAGS		+= ${COMMON_ASFLAGS}
+-TFTF_LDFLAGS		+= ${COMMON_LDFLAGS}
++TFTF_LDFLAGS		+= ${COMMON_LDFLAGS} --no-warn-rwx-segments
+ TFTF_EXTRA_OBJS 	:=
+ 
+ ifneq (${BP_OPTION},none)
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/fiptool-native_2.8.6.bb b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/fiptool-native_2.8.6.bb
new file mode 100644
index 0000000..02f3387
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/fiptool-native_2.8.6.bb
@@ -0,0 +1,33 @@
+# Firmware Image Package (FIP)
+# It is a packaging format used by TF-A to package the
+# firmware images in a single binary.
+
+DESCRIPTION = "fiptool - Trusted Firmware tool for packaging"
+LICENSE = "BSD-3-Clause"
+
+SRC_URI_TRUSTED_FIRMWARE_A ?= "git://git.trustedfirmware.org/TF-A/trusted-firmware-a.git;protocol=https"
+SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_A};destsuffix=fiptool-${PV};branch=${SRCBRANCH}"
+LIC_FILES_CHKSUM = "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
+
+# Use fiptool from TF-A v2.8.6
+SRCREV = "ff0bd5f9bb2ba2f31fb9cec96df917747af9e92d"
+SRCBRANCH = "lts-v2.8"
+
+DEPENDS += "openssl-native"
+
+inherit native
+
+EXTRA_OEMAKE = "V=1 HOSTCC='${BUILD_CC}' OPENSSL_DIR=${STAGING_DIR_NATIVE}/${prefix_native}"
+
+do_compile () {
+    # This is still needed to have the native fiptool executing properly by
+    # setting the RPATH
+    sed -i '/^LDLIBS/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/fiptool/Makefile
+    sed -i '/^INCLUDE_PATHS/ s,$, \$\{BUILD_CFLAGS},' ${S}/tools/fiptool/Makefile
+
+    oe_runmake fiptool
+}
+
+do_install () {
+    install -D -p -m 0755 tools/fiptool/fiptool ${D}${bindir}/fiptool
+}
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bbappend
rename to meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bb b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bb
new file mode 100644
index 0000000..ed3b349
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bb
@@ -0,0 +1,54 @@
+DESCRIPTION = "Trusted Firmware-A tests(aka TFTF)"
+LICENSE = "BSD-3-Clause & NCSA"
+
+LIC_FILES_CHKSUM += "file://docs/license.rst;md5=6175cc0aa2e63b6d21a32aa0ee7d1b4a"
+
+inherit deploy
+
+COMPATIBLE_MACHINE ?= "invalid"
+
+SRC_URI_TRUSTED_FIRMWARE_A_TESTS ?= "git://git.trustedfirmware.org/TF-A/tf-a-tests.git;protocol=https"
+SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_A_TESTS};branch=${SRCBRANCH} \
+          file://tf-a-tests-no-warn-rwx-segments.patch"
+SRCBRANCH = "lts-v2.8"
+SRCREV = "85442d2943440718c2c2c9c5c690202b4b4f5725"
+
+DEPENDS += "optee-os"
+
+EXTRA_OEMAKE += "USE_NVM=0"
+EXTRA_OEMAKE += "SHELL_COLOR=1"
+EXTRA_OEMAKE += "DEBUG=1"
+
+# Platform must be set for each machine
+TFA_PLATFORM ?= "invalid"
+
+EXTRA_OEMAKE += "ARCH=aarch64"
+EXTRA_OEMAKE += "LOG_LEVEL=50"
+
+S = "${WORKDIR}/git"
+B = "${WORKDIR}/build"
+
+# Add platform parameter
+EXTRA_OEMAKE += "BUILD_BASE=${B} PLAT=${TFA_PLATFORM}"
+
+# Requires CROSS_COMPILE set by hand as there is no configure script
+export CROSS_COMPILE="${TARGET_PREFIX}"
+
+do_compile() {
+    oe_runmake -C ${S} tftf
+}
+
+do_compile[cleandirs] = "${B}"
+
+FILES:${PN} = "/firmware/tftf.bin"
+SYSROOT_DIRS += "/firmware"
+
+do_install() {
+    install -d -m 755 ${D}/firmware
+    install -m 0644 ${B}/${TFA_PLATFORM}/debug/tftf.bin ${D}/firmware/tftf.bin
+}
+
+do_deploy() {
+    cp -rf ${D}/firmware/* ${DEPLOYDIR}/
+}
+addtask deploy after do_install
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc
index 06be28e..3f66bed 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc
@@ -3,16 +3,12 @@
 COMPATIBLE_MACHINE = "(corstone1000)"
 
 FILESEXTRAPATHS:prepend := "${THISDIR}/files/corstone1000:"
-
-SRC_URI:append = " \ 
+SRC_URI:append = " \
 	file://0001-Fix-FF-A-version-in-SPMC-manifest.patch \
-    file://0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch \
-    file://0003-psci-SMCCC_ARCH_FEATURES-discovery-through-PSCI_FEATURES.patch \
-    "
-
-#Sets TF-A version to 2.8.0
-SRCREV_tfa = "9881bb93a3bc0a3ea37e9f093e09ab4b360a9e48"
-PV = "2.8.0"
+	file://0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch \
+	file://0003-psci-SMCCC_ARCH_FEATURES-discovery-through-PSCI_FEATURES.patch \
+	file://0004-fix-corstone1000-add-cpuhelper-to-makefile.patch \
+       "
 
 TFA_DEBUG = "1"
 TFA_UBOOT ?= "1"
@@ -33,7 +29,7 @@
                         TARGET_PLATFORM=${TFA_TARGET_PLATFORM} \
                         ENABLE_STACK_PROTECTOR=strong \
                         ENABLE_PIE=1 \
-                        BL2_AT_EL3=1 \
+                        RESET_TO_BL2=1 \
                         CREATE_KEYS=1 \
                         GENERATE_COT=1 \
                         TRUSTED_BOARD_BOOT=1 \
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone500.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone500.inc
deleted file mode 100644
index acd9e3d..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone500.inc
+++ /dev/null
@@ -1,17 +0,0 @@
-# Corstone-500 specific TFA support
-
-COMPATIBLE_MACHINE = "corstone500"
-TFA_PLATFORM = "a5ds"
-TFA_DEBUG = "1"
-TFA_UBOOT = "1"
-TFA_BUILD_TARGET = "all fip"
-TFA_INSTALL_TARGET = "bl1.bin fip.bin"
-
-EXTRA_OEMAKE:append = " \
-                    ARCH=aarch32 \
-                    FVP_HW_CONFIG_DTS=fdts/a5ds.dts \
-                    ARM_ARCH_MAJOR=7 \
-                    AARCH32_SP=sp_min \
-                    ARM_CORTEX_A5=yes \
-                    ARM_XLAT_TABLES_LIB_V1=1 \
-                    "
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc
index 654e432..c2fa223 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc
@@ -1,5 +1,9 @@
 # N1SDP specific TFA support
 
+# Align with N1SDP-2023.06.22 Manifest
+SRCREV_tfa  = "31f60a968347497562b0129134928d7ac4767710"
+PV .= "+git"
+
 COMPATIBLE_MACHINE = "n1sdp"
 TFA_PLATFORM       = "n1sdp"
 TFA_BUILD_TARGET   = "all fip"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
similarity index 87%
rename from meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend
rename to meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
index 220dd6e..7fbcd3a 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
@@ -3,7 +3,6 @@
 # Machine specific TFAs
 
 MACHINE_TFA_REQUIRE ?= ""
-MACHINE_TFA_REQUIRE:corstone500 = "trusted-firmware-a-corstone500.inc"
 MACHINE_TFA_REQUIRE:corstone1000 = "trusted-firmware-a-corstone1000.inc"
 MACHINE_TFA_REQUIRE:fvp-base = "trusted-firmware-a-fvp.inc"
 MACHINE_TFA_REQUIRE:juno = "trusted-firmware-a-juno.inc"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb
new file mode 100644
index 0000000..cffc6db
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb
@@ -0,0 +1,15 @@
+require recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
+
+# TF-A v2.8.6
+SRCREV_tfa = "ff0bd5f9bb2ba2f31fb9cec96df917747af9e92d"
+SRCBRANCH = "lts-v2.8"
+
+SRC_URI += "file://rwx-segments.patch"
+
+LIC_FILES_CHKSUM += "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
+
+# mbed TLS v2.28.2
+SRC_URI_MBEDTLS = "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;destsuffix=git/mbedtls;branch=mbedtls-2.28"
+SRCREV_mbedtls = "89f040a5c938985c5f30728baed21e49d0846a53"
+
+LIC_FILES_CHKSUM_MBEDTLS = "file://mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch
new file mode 100644
index 0000000..2f5ba04
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch
@@ -0,0 +1,35 @@
+From 3004fda909079ebebd62c495a4e49e64d6c8a85f Mon Sep 17 00:00:00 2001
+From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
+Date: Tue, 8 Aug 2023 10:58:01 +0000
+Subject: [PATCH] Platform corstone1000 add unique firmware GUID
+
+Add unique Corstone-1000 firmware GUID
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
+---
+ .../target/arm/corstone1000/fw_update_agent/fwu_agent.c   | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+index f564f2902c..9c31aeee9d 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+@@ -113,10 +113,10 @@ enum fwu_agent_state_t {
+ };
+ 
+ struct efi_guid full_capsule_image_guid = {
+-    .time_low = 0xe2bb9c06,
+-    .time_mid = 0x70e9,
+-    .time_hi_and_version = 0x4b14,
+-    .clock_seq_and_node = {0x97, 0xa3, 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f}
++    .time_low = 0x989f3a4e,
++    .time_mid = 0x46e0,
++    .time_hi_and_version = 0x4cd0,
++    .clock_seq_and_node = {0x98, 0x77, 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29}
+ };
+ 
+ 
+-- 
+2.38.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
index 0831ed0..a259390 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
@@ -32,6 +32,7 @@
     file://0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch \
     file://0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch \
     file://0004-arm-trusted-firmware-m-disable-fatal-warnings.patch \
+    file://0005-Platform-corstone1000-add-unique-firmware-GUID.patch \
     "
 
 # TF-M ships patches for external dependencies that needs to be applied
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-Increase-the-unzipped-Kernel-size.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-corstone1000-detect-inflated-kernel-size.patch
similarity index 63%
rename from meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-Increase-the-unzipped-Kernel-size.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-corstone1000-detect-inflated-kernel-size.patch
index 63c42c7..9fd5b33 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-Increase-the-unzipped-Kernel-size.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-corstone1000-detect-inflated-kernel-size.patch
@@ -1,29 +1,29 @@
-From df23489adcba1cdcbcb4fefbed0896fc1f408700 Mon Sep 17 00:00:00 2001
-From: Emekcan Aras <emekcan.aras@arm.com>
-Date: Wed, 2 Aug 2023 17:07:05 +0100
-Subject: [PATCH] Increase the unzipped Kernel size
+From b57e05e95735b9b58e81b7a67f483b645c56811e Mon Sep 17 00:00:00 2001
+From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+Date: Fri, 11 Aug 2023 10:41:19 +0100
+Subject: [PATCH] corstone1000: detect inflated kernel size
 
-Increases the unzipped kernel size for corstone1000.
+use filesize variable set by unzip command
 
 Upstream-Status: Pending [Not submitted to upstream yet]
-Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
 ---
  configs/corstone1000_defconfig | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
-index a0af413de8..54a5bca354 100644
+index b6b1ccdd78..8a10bca069 100644
 --- a/configs/corstone1000_defconfig
 +++ b/configs/corstone1000_defconfig
-@@ -15,7 +15,7 @@ CONFIG_DISTRO_DEFAULTS=y
+@@ -17,7 +17,7 @@ CONFIG_FIT=y
  CONFIG_BOOTDELAY=3
  CONFIG_USE_BOOTARGS=y
  CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk"
 -CONFIG_BOOTCOMMAND="echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xf00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
-+CONFIG_BOOTCOMMAND="echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xfb0000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
++CONFIG_BOOTCOMMAND="echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r $filesize; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
  CONFIG_CONSOLE_RECORD=y
  CONFIG_LOGLEVEL=7
  # CONFIG_DISPLAY_CPUINFO is not set
 -- 
-2.17.1
+2.25.1
 
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-corstone1000-ESRT-add-unique-firmware-GUID.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-corstone1000-ESRT-add-unique-firmware-GUID.patch
new file mode 100644
index 0000000..197a069
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-corstone1000-ESRT-add-unique-firmware-GUID.patch
@@ -0,0 +1,47 @@
+From 98b33cc6b3a56f56224e0a6fe6c3564de7b1341a Mon Sep 17 00:00:00 2001
+From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
+Date: Tue, 8 Aug 2023 10:24:39 +0000
+Subject: [PATCH] corstone1000: ESRT: add unique firmware GUID
+
+Add unique Corstone-1000 firmware GUID
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
+---
+ lib/efi_loader/efi_firmware.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
+index 6135f8ed1c..c9117ae2b2 100644
+--- a/lib/efi_loader/efi_firmware.c
++++ b/lib/efi_loader/efi_firmware.c
+@@ -20,12 +20,12 @@
+ #define FMP_PAYLOAD_HDR_SIGNATURE	SIGNATURE_32('M', 'S', 'S', '1')
+ 
+ #if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+-#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID \
+-	EFI_GUID(0xe2bb9c06, 0x70e9, 0x4b14, 0x97, 0xa3, \
+-		 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f)
++/* Firmware GUID */
++#define EFI_CORSTONE1000_FIRMWARE_GUID \
++	EFI_GUID(0x989f3a4e, 0x46e0, 0x4cd0, 0x98, 0x77, \
++		 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29)
+ 
+- const efi_guid_t efi_firmware_image_type_uboot_raw =
+-				EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;
++efi_guid_t corstone1000_firmware_guid = EFI_CORSTONE1000_FIRMWARE_GUID;
+ 
+ static efi_status_t efi_corstone1000_img_info_get (
+ 	efi_uintn_t *image_info_size,
+@@ -353,7 +353,7 @@ efi_status_t EFIAPI efi_firmware_get_image_info(
+ 			       descriptor_version, descriptor_count,
+ 			       descriptor_size,
+ 			       package_version, package_version_name,
+-			       &efi_firmware_image_type_uboot_raw);
++			       &corstone1000_firmware_guid);
+ #else
+ 	ret = efi_fill_image_desc_array(image_info_size, image_info,
+ 					descriptor_version, descriptor_count,
+-- 
+2.38.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone500/0001-armv7-adding-generic-timer-access-through-MMIO.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone500/0001-armv7-adding-generic-timer-access-through-MMIO.patch
deleted file mode 100644
index 1d28631..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone500/0001-armv7-adding-generic-timer-access-through-MMIO.patch
+++ /dev/null
@@ -1,139 +0,0 @@
-From 2bb9fb8414b8ad35ed5fc6c91a34c21cef285a01 Mon Sep 17 00:00:00 2001
-From: Rui Miguel Silva <rui.silva@linaro.org>
-Date: Wed, 18 Dec 2019 21:52:34 +0000
-Subject: [PATCH 1/2] armv7: adding generic timer access through MMIO
-
-Upstream-Status: Pending [Not submitted to upstream yet]
-Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
-
-This driver enables the ARMv7 generic timer.
-
-The access to the timer registers is through memory mapping (MMIO).
-
-This driver can be used by u-boot to access to the timer through MMIO
-when arch_timer is not available in the core (access using system
-instructions not possible), for example, in case of Cortex-A5.
-
-This driver configures and enables the generic timer at
-the u-boot initcall level (timer_init) before u-boot relocation.
-
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
-Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
-
-
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- arch/arm/cpu/armv7/Makefile     |  1 +
- arch/arm/cpu/armv7/mmio_timer.c | 75 +++++++++++++++++++++++++++++++++
- scripts/config_whitelist.txt    |  1 +
- 3 files changed, 77 insertions(+)
- create mode 100644 arch/arm/cpu/armv7/mmio_timer.c
-
-diff --git a/arch/arm/cpu/armv7/Makefile b/arch/arm/cpu/armv7/Makefile
-index bfbd85ae64ef..1a0a24e53110 100644
---- a/arch/arm/cpu/armv7/Makefile
-+++ b/arch/arm/cpu/armv7/Makefile
-@@ -28,6 +28,7 @@ obj-$(CONFIG_ARMV7_PSCI)	+= psci.o psci-common.o
- obj-$(CONFIG_IPROC) += iproc-common/
- obj-$(CONFIG_KONA) += kona-common/
- obj-$(CONFIG_SYS_ARCH_TIMER) += arch_timer.o
-+obj-$(CONFIG_SYS_MMIO_TIMER) += mmio_timer.o
- 
- ifneq (,$(filter s5pc1xx exynos,$(SOC)))
- obj-y += s5p-common/
-diff --git a/arch/arm/cpu/armv7/mmio_timer.c b/arch/arm/cpu/armv7/mmio_timer.c
-new file mode 100644
-index 000000000000..edd806e06e42
---- /dev/null
-+++ b/arch/arm/cpu/armv7/mmio_timer.c
-@@ -0,0 +1,75 @@
-+// SPDX-License-Identifier: GPL-2.0+
-+/*
-+ * Copyright (c) 2019, Arm Limited. All rights reserved.
-+ *
-+ */
-+
-+#include <common.h>
-+#include <asm/io.h>
-+#include <div64.h>
-+#include <bootstage.h>
-+#include <asm/global_data.h>
-+
-+DECLARE_GLOBAL_DATA_PTR;
-+
-+#define CNTCTLBASE    0x1a020000UL
-+#define CNTREADBASE   0x1a030000UL
-+#define CNTEN         (1 << 0)
-+#define CNTFCREQ      (1 << 8)
-+
-+static inline uint32_t mmio_read32(uintptr_t addr)
-+{
-+	return *(volatile uint32_t*)addr;
-+}
-+
-+static inline void mmio_write32(uintptr_t addr, uint32_t data)
-+{
-+	*(volatile uint32_t*)addr = data;
-+}
-+
-+int timer_init(void)
-+{
-+	/* calculate the frequency in ms */
-+	gd->arch.timer_rate_hz = COUNTER_FREQUENCY / CONFIG_SYS_HZ;
-+
-+	/* configure CNTFID0 register: set the base frequency */
-+	mmio_write32(CNTCTLBASE + 0x20, COUNTER_FREQUENCY);
-+
-+	/*
-+	 * configure CNTCR register:
-+	 *    enable the generic counter and;
-+	 *    select the first frequency entry
-+	 */
-+	mmio_write32(CNTCTLBASE, CNTFCREQ | CNTEN);
-+
-+	return 0;
-+}
-+
-+unsigned long long get_ticks(void)
-+{
-+	return (((u64)(mmio_read32(CNTREADBASE + 0x4)) << 32) |
-+		mmio_read32(CNTREADBASE));
-+}
-+
-+ulong get_timer(ulong base)
-+{
-+	return lldiv(get_ticks(), gd->arch.timer_rate_hz) - base;
-+}
-+
-+void __udelay(unsigned long usec)
-+{
-+	unsigned long endtime;
-+
-+	endtime = lldiv((unsigned long long)usec * gd->arch.timer_rate_hz,
-+			1000UL);
-+
-+	endtime += get_ticks();
-+
-+	while (get_ticks() < endtime)
-+		;
-+}
-+
-+ulong get_tbclk(void)
-+{
-+	return gd->arch.timer_rate_hz;
-+}
-diff --git a/scripts/config_whitelist.txt b/scripts/config_whitelist.txt
-index ea71f9d23449..1496d9b88233 100644
---- a/scripts/config_whitelist.txt
-+++ b/scripts/config_whitelist.txt
-@@ -610,6 +610,7 @@ CONFIG_SYS_MMC_U_BOOT_DST
- CONFIG_SYS_MMC_U_BOOT_OFFS
- CONFIG_SYS_MMC_U_BOOT_SIZE
- CONFIG_SYS_MMC_U_BOOT_START
-+CONFIG_SYS_MMIO_TIMER
- CONFIG_SYS_MOR_VAL
- CONFIG_SYS_MRAM_BASE
- CONFIG_SYS_NAND_AMASK
--- 
-2.39.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone500/0002-board-arm-add-corstone500-board.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone500/0002-board-arm-add-corstone500-board.patch
deleted file mode 100644
index 5aec24c..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone500/0002-board-arm-add-corstone500-board.patch
+++ /dev/null
@@ -1,299 +0,0 @@
-From 376e7cc533e27f943191d44c112e3812885b8fd1 Mon Sep 17 00:00:00 2001
-From: Rui Miguel Silva <rui.silva@linaro.org>
-Date: Wed, 8 Jan 2020 09:48:11 +0000
-Subject: [PATCH 2/2] board: arm: add corstone500 board
-
-Upstream-Status: Pending [Not submitted to upstream yet]
-Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
-
-Add support for the Arm corstone500 platform, with a cortex-a5
-chip, add the default configuration, initialization and
-makefile for this system.
-
-Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
----
- arch/arm/Kconfig                       |  10 +++
- board/armltd/corstone500/Kconfig       |  12 +++
- board/armltd/corstone500/Makefile      |   8 ++
- board/armltd/corstone500/corstone500.c |  48 ++++++++++++
- configs/corstone500_defconfig          |  41 ++++++++++
- include/configs/corstone500.h          | 102 +++++++++++++++++++++++++
- 6 files changed, 221 insertions(+)
- create mode 100644 board/armltd/corstone500/Kconfig
- create mode 100644 board/armltd/corstone500/Makefile
- create mode 100644 board/armltd/corstone500/corstone500.c
- create mode 100644 configs/corstone500_defconfig
- create mode 100644 include/configs/corstone500.h
-
-diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
-index cac4fa09fd32..b875c1ef3d32 100644
---- a/arch/arm/Kconfig
-+++ b/arch/arm/Kconfig
-@@ -1309,6 +1309,15 @@ config TARGET_CORSTONE1000
- 	select PL01X_SERIAL
- 	select DM
- 
-+config TARGET_CORSTONE500
-+	bool "Support Corstone500"
-+	select CPU_V7A
-+	select SEMIHOSTING
-+	select PL01X_SERIAL
-+	help
-+	  This enables support for Corstone500 ARM which is a
-+	  Cortex-A5 system
-+
- config TARGET_TOTAL_COMPUTE
- 	bool "Support Total Compute Platform"
- 	select ARM64
-@@ -2264,6 +2273,7 @@ source "board/bosch/shc/Kconfig"
- source "board/bosch/guardian/Kconfig"
- source "board/Marvell/octeontx/Kconfig"
- source "board/Marvell/octeontx2/Kconfig"
-+source "board/armltd/corstone500/Kconfig"
- source "board/armltd/vexpress/Kconfig"
- source "board/armltd/vexpress64/Kconfig"
- source "board/cortina/presidio-asic/Kconfig"
-diff --git a/board/armltd/corstone500/Kconfig b/board/armltd/corstone500/Kconfig
-new file mode 100644
-index 000000000000..8e689bd1fdc8
---- /dev/null
-+++ b/board/armltd/corstone500/Kconfig
-@@ -0,0 +1,12 @@
-+if TARGET_CORSTONE500
-+
-+config SYS_BOARD
-+	default "corstone500"
-+
-+config SYS_VENDOR
-+	default "armltd"
-+
-+config SYS_CONFIG_NAME
-+	default "corstone500"
-+
-+endif
-diff --git a/board/armltd/corstone500/Makefile b/board/armltd/corstone500/Makefile
-new file mode 100644
-index 000000000000..6598fdd3ae0d
---- /dev/null
-+++ b/board/armltd/corstone500/Makefile
-@@ -0,0 +1,8 @@
-+# SPDX-License-Identifier: GPL-2.0+
-+#
-+# (C) Copyright 2022 ARM Limited
-+# (C) Copyright 2022 Linaro
-+# Rui Miguel Silva <rui.silva@linaro.org>
-+#
-+
-+obj-y := corstone500.o
-diff --git a/board/armltd/corstone500/corstone500.c b/board/armltd/corstone500/corstone500.c
-new file mode 100644
-index 000000000000..e878f5c6a521
---- /dev/null
-+++ b/board/armltd/corstone500/corstone500.c
-@@ -0,0 +1,48 @@
-+// SPDX-License-Identifier: GPL-2.0+
-+/*
-+ * (C) Copyright 2022 ARM Limited
-+ * (C) Copyright 2022 Linaro
-+ * Rui Miguel Silva <rui.silva@linaro.org>
-+ */
-+
-+#include <common.h>
-+#include <dm.h>
-+#include <dm/platform_data/serial_pl01x.h>
-+#include <malloc.h>
-+#include <asm/global_data.h>
-+
-+static const struct pl01x_serial_plat serial_platdata = {
-+	.base = V2M_UART0,
-+	.type = TYPE_PL011,
-+	.clock = CONFIG_PL011_CLOCK,
-+};
-+
-+U_BOOT_DRVINFO(corstone500_serials) = {
-+	.name = "serial_pl01x",
-+	.plat = &serial_platdata,
-+};
-+
-+int board_init(void)
-+{
-+	return 0;
-+}
-+
-+int dram_init(void)
-+{
-+	gd->ram_size = PHYS_SDRAM_1_SIZE;
-+
-+	return 0;
-+}
-+
-+int dram_init_banksize(void)
-+{
-+	gd->bd->bi_dram[0].start = PHYS_SDRAM_1;
-+	gd->bd->bi_dram[0].size = PHYS_SDRAM_1_SIZE;
-+
-+	return 0;
-+}
-+
-+void reset_cpu(ulong addr)
-+{
-+}
-+
-diff --git a/configs/corstone500_defconfig b/configs/corstone500_defconfig
-new file mode 100644
-index 000000000000..91661beb8d8d
---- /dev/null
-+++ b/configs/corstone500_defconfig
-@@ -0,0 +1,41 @@
-+CONFIG_ARM=y
-+CONFIG_SKIP_LOWLEVEL_INIT=y
-+CONFIG_TARGET_CORSTONE500=y
-+CONFIG_TEXT_BASE=0x88000000
-+CONFIG_SYS_MALLOC_LEN=0x840000
-+CONFIG_NR_DRAM_BANKS=1
-+CONFIG_ENV_SIZE=0x40000
-+CONFIG_SYS_PROMPT="corstone500# "
-+CONFIG_IDENT_STRING=" corstone500 aarch32"
-+CONFIG_SYS_LOAD_ADDR=0x90000000
-+CONFIG_SYS_MEMTEST_START=0x80000000
-+CONFIG_SYS_MEMTEST_END=0xff000000
-+CONFIG_HAS_CUSTOM_SYS_INIT_SP_ADDR=y
-+CONFIG_CUSTOM_SYS_INIT_SP_ADDR=0x83f00000
-+CONFIG_SUPPORT_RAW_INITRD=y
-+CONFIG_BOOTDELAY=1
-+CONFIG_USE_BOOTARGS=y
-+CONFIG_BOOTARGS="console=ttyAMA0 earlycon=pl011,0x1a200000 root=/dev/ram0 rw loglevel=9"
-+# CONFIG_DISPLAY_CPUINFO is not set
-+# CONFIG_DISPLAY_BOARDINFO is not set
-+CONFIG_HUSH_PARSER=y
-+# CONFIG_CMD_CONSOLE is not set
-+CONFIG_CMD_BOOTZ=y
-+# CONFIG_CMD_XIMG is not set
-+# CONFIG_CMD_EDITENV is not set
-+# CONFIG_CMD_ENV_EXISTS is not set
-+CONFIG_CMD_MEMTEST=y
-+CONFIG_CMD_ARMFLASH=y
-+# CONFIG_CMD_LOADS is not set
-+# CONFIG_CMD_ITEST is not set
-+# CONFIG_CMD_SETEXPR is not set
-+CONFIG_CMD_DHCP=y
-+# CONFIG_CMD_NFS is not set
-+CONFIG_CMD_MII=y
-+CONFIG_CMD_PING=y
-+CONFIG_CMD_CACHE=y
-+CONFIG_CMD_FAT=y
-+CONFIG_DM=y
-+CONFIG_MTD_NOR_FLASH=y
-+CONFIG_DM_SERIAL=y
-+CONFIG_OF_LIBFDT=y
-diff --git a/include/configs/corstone500.h b/include/configs/corstone500.h
-new file mode 100644
-index 000000000000..416f5fa4399d
---- /dev/null
-+++ b/include/configs/corstone500.h
-@@ -0,0 +1,102 @@
-+/* SPDX-License-Identifier: GPL-2.0+ */
-+/*
-+ * (C) Copyright 2022 ARM Limited
-+ * (C) Copyright 2022 Linaro
-+ * Rui Miguel Silva <rui.silva@linaro.org>
-+ *
-+ * Configuration for Cortex-A5 Corstone500. Parts were derived from other ARM
-+ * configurations.
-+ */
-+
-+#ifndef __CORSTONE500_H
-+#define __CORSTONE500_H
-+
-+/* Generic Timer Definitions */
-+#define CONFIG_SYS_HZ_CLOCK	7500000
-+#define CONFIG_SYS_HZ		1000
-+#define COUNTER_FREQUENCY	CONFIG_SYS_HZ_CLOCK
-+
-+#ifdef CONFIG_CORSTONE500_MEMORY_MAP_EXTENDED
-+#define V2M_SRAM0		0x00010000
-+#define V2M_SRAM1		0x02200000
-+#define V2M_QSPI		0x0a800000
-+#else
-+#define V2M_SRAM0		0x00000000
-+#define V2M_SRAM1		0x02000000
-+#define V2M_QSPI		0x08000000
-+#endif
-+
-+#define V2M_DEBUG		0x10000000
-+#define V2M_BASE_PERIPH		0x1a000000
-+#define V2M_A5_PERIPH		0x1c000000
-+#define V2M_L2CC_PERIPH		0x1c010000
-+
-+#define V2M_MASTER_EXPANSION0	0x40000000
-+#define V2M_MASTER_EXPANSION1	0x60000000
-+
-+#define V2M_BASE		0x80000000
-+
-+#define V2M_PERIPH_OFFSET(x)  (x << 16)
-+
-+#define V2M_SYSID		(V2M_BASE_PERIPH)
-+#define V2M_SYCTL		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(1))
-+#define V2M_COUNTER_CTL		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(2))
-+#define V2M_COUNTER_READ	(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(3))
-+#define V2M_TIMER_CTL		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(4))
-+#define V2M_TIMER0		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(5))
-+
-+#define V2M_WATCHDOG_CTL	(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(16))
-+#define V2M_WATCHDOG_REFRESH	(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(17))
-+
-+#define V2M_UART0		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(32))
-+#define V2M_UART1		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(33))
-+
-+#define V2M_RTC			(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(34))
-+#define V2M_TRNG		(V2M_BASE_PERIPH + V2M_PERIPH_OFFSET(35))
-+
-+/* PL011 Serial Configuration */
-+#define CONFIG_CONS_INDEX	0
-+#define CONFIG_PL011_CLOCK	7500000
-+
-+/* Physical Memory Map */
-+#define PHYS_SDRAM_1		(V2M_BASE)
-+
-+/* Top 16MB reserved for secure world use */
-+#define DRAM_SEC_SIZE		0x01000000
-+#define PHYS_SDRAM_1_SIZE	(0x80000000 - DRAM_SEC_SIZE)
-+
-+/* Miscellaneous configurable options */
-+#define CONFIG_SYS_SDRAM_BASE	PHYS_SDRAM_1
-+
-+#define CONFIG_SYS_MMIO_TIMER
-+
-+#define CONFIG_EXTRA_ENV_SETTINGS     \
-+				"kernel_name=Image\0"           \
-+				"kernel_addr=0x80f00000\0"      \
-+				"initrd_name=ramdisk.img\0"     \
-+				"initrd_addr=0x84000000\0"      \
-+				"fdt_name=devtree.dtb\0"        \
-+				"fdt_addr=0x83000000\0"         \
-+				"fdt_high=0xffffffff\0"         \
-+				"initrd_high=0xffffffff\0"
-+
-+#define CONFIG_BOOTCOMMAND	"echo copy to RAM...; " \
-+				"cp.b 0x80100000 $kernel_addr 0xb00000; " \
-+				"cp.b 0x80d00000 $initrd_addr 0x800000; " \
-+				"bootz $kernel_addr $initrd_addr:0x800000 $fdt_addr"
-+
-+/* Monitor Command Prompt */
-+#define CONFIG_SYS_FLASH_BASE		0x80000000
-+/* Store environment at top of flash */
-+#define CONFIG_ENV_ADDR			0x0a7c0000
-+#define CONFIG_ENV_SECT_SIZE		0x0040000
-+
-+#define CONFIG_SYS_FLASH_CFI		1
-+#define CONFIG_FLASH_CFI_DRIVER		1
-+#define CONFIG_SYS_FLASH_CFI_WIDTH	FLASH_CFI_32BIT
-+#define CONFIG_SYS_MAX_FLASH_BANKS	1
-+
-+#define CONFIG_SYS_FLASH_EMPTY_INFO   /* flinfo indicates empty blocks */
-+#define FLASH_MAX_SECTOR_SI		0x00040000
-+#define CONFIG_ENV_IS_IN_FLASH		1
-+#endif
--- 
-2.39.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0001-armv8-Add-ARMv8-MPU-configuration-logic.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0001-armv8-Add-ARMv8-MPU-configuration-logic.patch
index dd6b77d..45db74e 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0001-armv8-Add-ARMv8-MPU-configuration-logic.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0001-armv8-Add-ARMv8-MPU-configuration-logic.patch
@@ -1,7 +1,7 @@
-From e90aa7853ae32cb03c86249a6c572ec88cdebaa2 Mon Sep 17 00:00:00 2001
+From 401a88bf6019941d4095476de76af5893686d6f6 Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Wed, 26 May 2021 17:41:10 +0100
-Subject: [PATCH 1/9] armv8: Add ARMv8 MPU configuration logic
+Subject: [PATCH] armv8: Add ARMv8 MPU configuration logic
 
 Detect whether an MMU is present at the current exception level. If
 not, initialize the MPU instead of the MMU during init, and clear the
@@ -19,6 +19,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Change-Id: I0ee3879f9d7f03fe940664b3551c68eeaa458d17
+
 ---
  arch/arm/cpu/armv8/cache_v8.c    | 101 ++++++++++++++++++++++++++++++-
  arch/arm/include/asm/armv8/mpu.h |  59 ++++++++++++++++++
@@ -27,7 +28,7 @@
  create mode 100644 arch/arm/include/asm/armv8/mpu.h
 
 diff --git a/arch/arm/cpu/armv8/cache_v8.c b/arch/arm/cpu/armv8/cache_v8.c
-index e4736e5643..798aed8058 100644
+index 2a226fd063..8611a35eb3 100644
 --- a/arch/arm/cpu/armv8/cache_v8.c
 +++ b/arch/arm/cpu/armv8/cache_v8.c
 @@ -15,6 +15,7 @@
@@ -145,8 +146,8 @@
 +		}
  	}
  
- 	set_sctlr(get_sctlr() | CR_C);
-@@ -519,7 +610,11 @@ void dcache_disable(void)
+ 	/* Set up page tables only once (it is done also by mmu_setup()) */
+@@ -523,7 +614,11 @@ void dcache_disable(void)
  	set_sctlr(sctlr & ~(CR_C|CR_M));
  
  	flush_dcache_all();
@@ -254,6 +255,3 @@
  /*
   * ID_AA64PFR0_EL1 bits definitions
   */
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0002-vexpress64-add-MPU-memory-map-for-the-BASER_FVP.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0002-vexpress64-add-MPU-memory-map-for-the-BASER_FVP.patch
index b8cab45..103e484 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0002-vexpress64-add-MPU-memory-map-for-the-BASER_FVP.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0002-vexpress64-add-MPU-memory-map-for-the-BASER_FVP.patch
@@ -1,7 +1,7 @@
-From 181f5efb401ffaa5ab0898b07a976796f75e502a Mon Sep 17 00:00:00 2001
+From 5b42322cb57692dbea7d2c39fd8769b6f0f6b7af Mon Sep 17 00:00:00 2001
 From: Qi Feng <qi.feng@arm.com>
 Date: Tue, 26 Jul 2022 18:13:23 +0800
-Subject: [PATCH 2/9] vexpress64: add MPU memory map for the BASER_FVP
+Subject: [PATCH] vexpress64: add MPU memory map for the BASER_FVP
 
 The previous patch added support for initializing an Armv8 MPU. There is only an
 MPU at S-EL2 on the BASER_FVP, so add a platform-specific MPU memory map.
@@ -12,6 +12,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Signed-off-by: Qi Feng <qi.feng@arm.com>
+
 ---
  board/armltd/vexpress64/vexpress64.c | 22 ++++++++++++++++++++++
  1 file changed, 22 insertions(+)
@@ -56,6 +57,3 @@
  static struct mm_region vexpress64_mem_map[] = {
  	{
  		.virt = V2M_PA_BASE,
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0003-armv8-Allow-disabling-exception-vectors-on-non-SPL-b.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0003-armv8-Allow-disabling-exception-vectors-on-non-SPL-b.patch
index caabf80..5953abc 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0003-armv8-Allow-disabling-exception-vectors-on-non-SPL-b.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0003-armv8-Allow-disabling-exception-vectors-on-non-SPL-b.patch
@@ -1,8 +1,7 @@
-From 07cc3e4af3def76d92faf39712d4fd8717b21d2b Mon Sep 17 00:00:00 2001
+From ffb0f72a67926c3053308cf03420bc0c36675d42 Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Fri, 10 Dec 2021 11:41:19 +0000
-Subject: [PATCH 3/9] armv8: Allow disabling exception vectors on non-SPL
- builds
+Subject: [PATCH] armv8: Allow disabling exception vectors on non-SPL builds
 
 On the BASER_FVP, U-Boot shares EL2 with another bootloader, so we do
 not wish to overide the exception vector, but we are also not using an
@@ -19,6 +18,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Change-Id: I0cf0fc6d7ef4d45791411cf1f67c65e198cc8b2b
+
 ---
  arch/arm/cpu/armv8/Kconfig        | 10 ++++++++--
  arch/arm/cpu/armv8/Makefile       |  6 ++----
@@ -72,7 +72,7 @@
  endif
  obj-y	+= tlb.o
 diff --git a/arch/arm/cpu/armv8/start.S b/arch/arm/cpu/armv8/start.S
-index 28f0df13f0..f831e77af3 100644
+index f3ea858577..7fad901336 100644
 --- a/arch/arm/cpu/armv8/start.S
 +++ b/arch/arm/cpu/armv8/start.S
 @@ -104,7 +104,7 @@ pie_skip_reloc:
@@ -102,6 +102,3 @@
  # CONFIG_MMC is not set
  CONFIG_VIRTIO_MMIO=y
 +CONFIG_ARMV8_EXCEPTION_VECTORS=n
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0004-armv8-ARMV8_SWITCH_TO_EL1-improvements.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0004-armv8-ARMV8_SWITCH_TO_EL1-improvements.patch
index 81758fc..157a15d 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0004-armv8-ARMV8_SWITCH_TO_EL1-improvements.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0004-armv8-ARMV8_SWITCH_TO_EL1-improvements.patch
@@ -1,7 +1,7 @@
-From 30405f59881c73946b6b0ffdbf25804f9fbf1585 Mon Sep 17 00:00:00 2001
+From 14e204ffca5870d6bfd238627937a2028c88589d Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Wed, 14 Jul 2021 12:44:27 +0100
-Subject: [PATCH 4/9] armv8: ARMV8_SWITCH_TO_EL1 improvements
+Subject: [PATCH] armv8: ARMV8_SWITCH_TO_EL1 improvements
 
 Convert CONFIG_ARMV8_SWITCH_TO_EL1 to a Kconfig variable.
 
@@ -16,6 +16,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Change-Id: If98478148d6d8d1f732acac5439276700614815f
+
 ---
  arch/arm/cpu/armv8/exception_level.c | 21 ++++++++++++++--
  arch/arm/lib/bootm.c                 | 36 ++++++++++++++++------------
@@ -66,7 +67,7 @@
  	}
  }
 diff --git a/arch/arm/lib/bootm.c b/arch/arm/lib/bootm.c
-index 9f086f3b90..b044aeca88 100644
+index e414ef8267..9a86c17d2a 100644
 --- a/arch/arm/lib/bootm.c
 +++ b/arch/arm/lib/bootm.c
 @@ -270,7 +270,6 @@ __weak void update_os_arch_secondary_cores(uint8_t os_arch)
@@ -84,8 +85,8 @@
 -#endif
  
  /* Subcommand: GO */
- static void boot_jump_linux(bootm_headers_t *images, int flag)
-@@ -312,21 +310,29 @@ static void boot_jump_linux(bootm_headers_t *images, int flag)
+ static void boot_jump_linux(struct bootm_headers *images, int flag)
+@@ -312,21 +310,29 @@ static void boot_jump_linux(struct bootm_headers *images, int flag)
  
  		update_os_arch_secondary_cores(images->os.arch);
  
@@ -137,6 +138,3 @@
  CONFIG_VIRTIO_MMIO=y
  CONFIG_ARMV8_EXCEPTION_VECTORS=n
 +CONFIG_ARMV8_SWITCH_TO_EL1=y
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0005-armv8-Make-disabling-HVC-configurable-when-switching.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0005-armv8-Make-disabling-HVC-configurable-when-switching.patch
index f64db3b..82926cc 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0005-armv8-Make-disabling-HVC-configurable-when-switching.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0005-armv8-Make-disabling-HVC-configurable-when-switching.patch
@@ -1,8 +1,7 @@
-From a6daca56b77d7f1b26483f10eb33ebdd6e157d3e Mon Sep 17 00:00:00 2001
+From e3d24bc1fd0b09915b5181de1282f7008bbf776f Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Fri, 10 Dec 2021 16:37:26 +0000
-Subject: [PATCH 5/9] armv8: Make disabling HVC configurable when switching to
- EL1
+Subject: [PATCH] armv8: Make disabling HVC configurable when switching to EL1
 
 On the BASER_FVP there is no EL3, so HVC is used to provide PSCI
 services. Therefore we cannot disable hypercalls.
@@ -15,6 +14,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Change-Id: I463d82f1db8a3cafcab40a9c0c208753569cc300
+
 ---
  arch/arm/cpu/armv8/Kconfig        |  9 +++++++++
  arch/arm/include/asm/macro.h      | 10 ++++++++--
@@ -78,6 +78,3 @@
  CONFIG_ARMV8_EXCEPTION_VECTORS=n
  CONFIG_ARMV8_SWITCH_TO_EL1=y
 +CONFIG_ARMV8_DISABLE_HVC=n
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0006-vexpress64-Do-not-set-COUNTER_FREQUENCY.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0006-vexpress64-Do-not-set-COUNTER_FREQUENCY.patch
index ebbc939..eb2273e 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0006-vexpress64-Do-not-set-COUNTER_FREQUENCY.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0006-vexpress64-Do-not-set-COUNTER_FREQUENCY.patch
@@ -1,7 +1,7 @@
-From 862d3f1ac66a75cdf48adbdebd8adbaf671a9366 Mon Sep 17 00:00:00 2001
+From 571f44d5292cfead6f68bf4c6c9519872337bfd0 Mon Sep 17 00:00:00 2001
 From: Qi Feng <qi.feng@arm.com>
 Date: Thu, 28 Jul 2022 17:47:18 +0800
-Subject: [PATCH 6/9] vexpress64: Do not set COUNTER_FREQUENCY
+Subject: [PATCH] vexpress64: Do not set COUNTER_FREQUENCY
 
 VExpress boards normally run as a second-stage bootloader so should not
 need to modify CNTFRQ_EL0. On the BASER_FVP, U-Boot can modify it if
@@ -13,6 +13,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Signed-off-by: Qi Feng <qi.feng@arm.com>
+
 ---
  configs/vexpress_aemv8r_defconfig | 1 -
  1 file changed, 1 deletion(-)
@@ -27,6 +28,3 @@
  CONFIG_ARCH_VEXPRESS64=y
  CONFIG_NR_DRAM_BANKS=2
  CONFIG_DEFAULT_DEVICE_TREE="arm_fvp"
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0007-vexpress64-Enable-LIBFDT_OVERLAY-in-the-vexpress_aem.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0007-vexpress64-Enable-LIBFDT_OVERLAY-in-the-vexpress_aem.patch
index 8c09ed2..6f5bfa3 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0007-vexpress64-Enable-LIBFDT_OVERLAY-in-the-vexpress_aem.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0007-vexpress64-Enable-LIBFDT_OVERLAY-in-the-vexpress_aem.patch
@@ -1,7 +1,7 @@
-From 32beea722c1167c9b33f1ecfdc28d360cabd6823 Mon Sep 17 00:00:00 2001
+From df01346bb63c821cf8e73202e2894ceda9cb692b Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Tue, 22 Feb 2022 15:32:51 +0000
-Subject: [PATCH 7/9] vexpress64: Enable LIBFDT_OVERLAY in the vexpress_aemv8r
+Subject: [PATCH] vexpress64: Enable LIBFDT_OVERLAY in the vexpress_aemv8r
  defconfig
 
 Issue-Id: SCM-3874
@@ -9,6 +9,7 @@
   Implementation pending further discussion
 Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
 Change-Id: Ide0532cf2de89f1bca9c8d4bd2ed0c1a1c57599f
+
 ---
  configs/vexpress_aemv8r_defconfig | 1 +
  1 file changed, 1 insertion(+)
@@ -22,6 +23,3 @@
  CONFIG_ARMV8_SWITCH_TO_EL1=y
  CONFIG_ARMV8_DISABLE_HVC=n
 +CONFIG_OF_LIBFDT_OVERLAY=y
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0008-armv8-Allow-PRBAR-MPU-attributes-to-be-configured.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0008-armv8-Allow-PRBAR-MPU-attributes-to-be-configured.patch
index 8be14ee..61bdf92 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0008-armv8-Allow-PRBAR-MPU-attributes-to-be-configured.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0008-armv8-Allow-PRBAR-MPU-attributes-to-be-configured.patch
@@ -1,7 +1,7 @@
-From 01490ab8deb0f0b61eeb55a02ee5ea430cfe7eee Mon Sep 17 00:00:00 2001
+From 665ab8253a0e3e17db54a1682bbee0f5659939a2 Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Wed, 18 May 2022 15:24:19 +0100
-Subject: [PATCH 8/9] armv8: Allow PRBAR MPU attributes to be configured
+Subject: [PATCH] armv8: Allow PRBAR MPU attributes to be configured
 
 In a previous patch, support was added to initialize an S-EL2 MPU on
 armv8r64 machines. This implementation allowed the PRLAR attribute
@@ -21,6 +21,7 @@
 Upstream-Status: Inappropriate [other]
   Implementation pending further discussion
 Change-Id: I6b72aead91ad12412262aa32c61a53e12eab3984
+
 ---
  arch/arm/cpu/armv8/cache_v8.c        | 12 ++++++++----
  arch/arm/include/asm/armv8/mpu.h     |  3 ++-
@@ -28,7 +29,7 @@
  3 files changed, 16 insertions(+), 8 deletions(-)
 
 diff --git a/arch/arm/cpu/armv8/cache_v8.c b/arch/arm/cpu/armv8/cache_v8.c
-index 798aed8058..e336339281 100644
+index 8611a35eb3..f7de952187 100644
 --- a/arch/arm/cpu/armv8/cache_v8.c
 +++ b/arch/arm/cpu/armv8/cache_v8.c
 @@ -390,7 +390,9 @@ static void mpu_clear_regions(void)
@@ -100,6 +101,3 @@
  	}, {
  		/* List terminator */
  		0,
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0009-armv8-Enable-icache-when-switching-exception-levels-.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0009-armv8-Enable-icache-when-switching-exception-levels-.patch
index 0e0a248..a4bc746 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0009-armv8-Enable-icache-when-switching-exception-levels-.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-baser-aemv8r64/0009-armv8-Enable-icache-when-switching-exception-levels-.patch
@@ -1,7 +1,7 @@
-From 0f15f6b02825b042ddc1d753f62cf87f30b1fe12 Mon Sep 17 00:00:00 2001
+From c7301588a3aec9ebf36749da601d0d6e3d807bfc Mon Sep 17 00:00:00 2001
 From: Peter Hoyes <Peter.Hoyes@arm.com>
 Date: Thu, 19 May 2022 09:02:32 +0100
-Subject: [PATCH 9/9] armv8: Enable icache when switching exception levels in
+Subject: [PATCH] armv8: Enable icache when switching exception levels in
  bootefi
 
 bootefi calls the function switch_to_non_secure_mode before calling the
@@ -26,6 +26,7 @@
 Upstream-Status: Inappropriate [other]
   Implementation pending further discussion
 Change-Id: I678cd5ba39b56e124ab7854608289cd14651ce65
+
 ---
  arch/arm/cpu/armv8/exception_level.c | 3 +++
  1 file changed, 3 insertions(+)
@@ -58,6 +59,3 @@
  		/* Move into EL1 and keep running there */
  		armv8_switch_to_el1((uintptr_t)&non_secure_jmp, 0, 0, 0,
  				    (uintptr_t)entry_non_secure, ES_TO_AARCH64);
--- 
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend
index 6c0d490..d1dcd74 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend
@@ -1,13 +1,6 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 
 #
-# Corstone-500 MACHINE
-#
-SRC_URI:append:corstone500 = " \
-                   file://0001-armv7-adding-generic-timer-access-through-MMIO.patch \
-                   file://0002-board-arm-add-corstone500-board.patch"
-
-#
 # Corstone1000 64-bit machines
 #
 DEPENDS:append:corstone1000 = " gnutls-native"
@@ -50,7 +43,8 @@
 	file://0030-corstone1000-boot-index-from-active.patch			  \
 	file://0031-corstone1000-enable-PSCI-reset.patch			  \
 	file://0032-Enable-EFI-set-get-time-services.patch			  \
-	file://0033-Increase-the-unzipped-Kernel-size.patch			  \
+	file://0033-corstone1000-detect-inflated-kernel-size.patch			  \
+	file://0034-corstone1000-ESRT-add-unique-firmware-GUID.patch		\
         "
 
 #
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2022.10.bb b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2022.10.bb
deleted file mode 100644
index 905ae55..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2022.10.bb
+++ /dev/null
@@ -1,26 +0,0 @@
-HOMEPAGE = "http://www.denx.de/wiki/U-Boot/WebHome"
-DESCRIPTION = "U-Boot, a boot loader for Embedded boards based on PowerPC, \
-ARM, MIPS and several other processors, which can be installed in a boot \
-ROM and used to initialize and test the hardware or to download and run \
-application code."
-SECTION = "bootloaders"
-DEPENDS += "flex-native bison-native"
-
-LICENSE = "GPL-2.0-or-later"
-LIC_FILES_CHKSUM = "file://Licenses/README;md5=2ca5f2c35c8cc335f0a19756634782f1"
-PE = "1"
-
-# We use the revision in order to avoid having to fetch it from the
-# repo during parse
-SRCREV = "4debc57a3da6c3f4d3f89a637e99206f4cea0a96"
-
-SRC_URI = "git://git.denx.de/u-boot.git;branch=master \
-          "
-
-S = "${WORKDIR}/git"
-B = "${WORKDIR}/build"
-do_configure[cleandirs] = "${B}"
-
-require recipes-bsp/u-boot/u-boot.inc
-
-DEPENDS += "bc-native dtc-native gnutls-native"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc
index 0d557f3..fcdedf8 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc
@@ -11,18 +11,16 @@
 EFIDIR             = "/EFI/BOOT"
 EFI_BOOT_IMAGE     = "bootaa64.efi"
 
-FILESEXTRAPATHS:prepend := "${THISDIR}/files/edk2-platforms:"
-
+FILESEXTRAPATHS:prepend := "${THISDIR}/files/n1sdp:"
 SRC_URI:append = "\
     file://0001-Platform-ARM-N1sdp-Add-support-to-parse-NT_FW_CONFIG.patch;patchdir=edk2-platforms \
-    file://0002-Platform-ARM-N1Sdp-Fix-RemoteDdrSize-cast.patch;patchdir=edk2-platforms \
-    file://0003-Platform-ARM-N1Sdp-Modify-the-IRQ-ID-of-Debug-UART-a.patch;patchdir=edk2-platforms \
-    file://0004-Silicon-ARM-NeoverseN1Soc-Enable-SCP-QSPI-flash-regi.patch;patchdir=edk2-platforms \
-    file://0005-Platform-ARM-N1Sdp-NOR-flash-library-for-N1Sdp.patch;patchdir=edk2-platforms \
-    file://0006-Platform-ARM-N1Sdp-NOR-flash-Dxe-Driver-for-N1Sdp.patch;patchdir=edk2-platforms \
-    file://0007-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch;patchdir=edk2-platforms \
-    file://0008-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch;patchdir=edk2-platforms \
-    file://0009-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch;patchdir=edk2-platforms \
+    file://0002-Platform-ARM-N1Sdp-Modify-the-IRQ-ID-of-Debug-UART-a.patch;patchdir=edk2-platforms \
+    file://0003-Silicon-ARM-NeoverseN1Soc-Enable-SCP-QSPI-flash-regi.patch;patchdir=edk2-platforms \
+    file://0004-Platform-ARM-N1Sdp-NOR-flash-library-for-N1Sdp.patch;patchdir=edk2-platforms \
+    file://0005-Platform-ARM-N1Sdp-NOR-flash-Dxe-Driver-for-N1Sdp.patch;patchdir=edk2-platforms \
+    file://0006-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch;patchdir=edk2-platforms \
+    file://0007-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch;patchdir=edk2-platforms \
+    file://0008-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch;patchdir=edk2-platforms \
 "
 
 do_deploy:append() {
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0002-Platform-ARM-N1Sdp-Fix-RemoteDdrSize-cast.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0002-Platform-ARM-N1Sdp-Fix-RemoteDdrSize-cast.patch
deleted file mode 100644
index 5e63417..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0002-Platform-ARM-N1Sdp-Fix-RemoteDdrSize-cast.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From ba3ed154863d1acd0996178beaf3a2bc693b938c Mon Sep 17 00:00:00 2001
-From: sahil <sahil@arm.com>
-Date: Wed, 20 Apr 2022 12:24:41 +0530
-Subject: [PATCH] Platform/ARM/N1Sdp: Fix RemoteDdrSize cast
-
-RemoteDdrSize calculation wraps around when booting N1Sdp in
-multichip mode. Casting it to UINT64 to fix the issue.
-
-Upstream-Status: Pending
-Signed-off-by: Adam Johnston <adam.johnston@arm.com>
-Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
-Signed-off-by: sahil <sahil@arm.com>
-Change-Id: Ic51269a8d67669684a5f056701cfbef6beb23da2
----
- .../ConfigurationManagerDxe/ConfigurationManager.c              | 2 +-
- Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c  | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Platform/ARM/N1Sdp/ConfigurationManager/ConfigurationManagerDxe/ConfigurationManager.c b/Platform/ARM/N1Sdp/ConfigurationManager/ConfigurationManagerDxe/ConfigurationManager.c
-index c15020f5..b11c0425 100644
---- a/Platform/ARM/N1Sdp/ConfigurationManager/ConfigurationManagerDxe/ConfigurationManager.c
-+++ b/Platform/ARM/N1Sdp/ConfigurationManager/ConfigurationManagerDxe/ConfigurationManager.c
-@@ -1254,7 +1254,7 @@ InitializePlatformRepository (
-   PlatRepoInfo->MemAffInfo[LOCAL_DDR_REGION2].Length = Dram2Size;

- 

-   if (PlatInfo->MultichipMode == 1) {

--    RemoteDdrSize = ((PlatInfo->RemoteDdrSize - 2) * SIZE_1GB);

-+    RemoteDdrSize = ((UINT64)(PlatInfo->RemoteDdrSize - 2) * SIZE_1GB);

- 

-     // Update Remote DDR Region1

-     PlatRepoInfo->MemAffInfo[REMOTE_DDR_REGION1].ProximityDomain = 1;

-diff --git a/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c b/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c
-index 1d53ec75..5cacd437 100644
---- a/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c
-+++ b/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c
-@@ -157,7 +157,7 @@ ArmPlatformGetVirtualMemoryMap (
-     DramBlock2Size);

- 

-   if (PlatInfo->MultichipMode == 1) {

--    RemoteDdrSize = ((PlatInfo->RemoteDdrSize - 2) * SIZE_1GB);

-+    RemoteDdrSize = ((UINT64)(PlatInfo->RemoteDdrSize - 2) * SIZE_1GB);

- 

-     BuildResourceDescriptorHob (

-       EFI_RESOURCE_SYSTEM_MEMORY,

diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0001-Platform-ARM-N1sdp-Add-support-to-parse-NT_FW_CONFIG.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0001-Platform-ARM-N1sdp-Add-support-to-parse-NT_FW_CONFIG.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0001-Platform-ARM-N1sdp-Add-support-to-parse-NT_FW_CONFIG.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0001-Platform-ARM-N1sdp-Add-support-to-parse-NT_FW_CONFIG.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0003-Platform-ARM-N1Sdp-Modify-the-IRQ-ID-of-Debug-UART-a.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0002-Platform-ARM-N1Sdp-Modify-the-IRQ-ID-of-Debug-UART-a.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0003-Platform-ARM-N1Sdp-Modify-the-IRQ-ID-of-Debug-UART-a.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0002-Platform-ARM-N1Sdp-Modify-the-IRQ-ID-of-Debug-UART-a.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0004-Silicon-ARM-NeoverseN1Soc-Enable-SCP-QSPI-flash-regi.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0003-Silicon-ARM-NeoverseN1Soc-Enable-SCP-QSPI-flash-regi.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0004-Silicon-ARM-NeoverseN1Soc-Enable-SCP-QSPI-flash-regi.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0003-Silicon-ARM-NeoverseN1Soc-Enable-SCP-QSPI-flash-regi.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0005-Platform-ARM-N1Sdp-NOR-flash-library-for-N1Sdp.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0004-Platform-ARM-N1Sdp-NOR-flash-library-for-N1Sdp.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0005-Platform-ARM-N1Sdp-NOR-flash-library-for-N1Sdp.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0004-Platform-ARM-N1Sdp-NOR-flash-library-for-N1Sdp.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0006-Platform-ARM-N1Sdp-NOR-flash-Dxe-Driver-for-N1Sdp.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0005-Platform-ARM-N1Sdp-NOR-flash-Dxe-Driver-for-N1Sdp.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0006-Platform-ARM-N1Sdp-NOR-flash-Dxe-Driver-for-N1Sdp.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0005-Platform-ARM-N1Sdp-NOR-flash-Dxe-Driver-for-N1Sdp.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0007-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0006-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0007-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0006-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0008-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0007-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0008-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0007-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0009-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0008-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/edk2-platforms/0009-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch
rename to meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0008-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch