new file mode 100644
@@ -0,0 +1,33 @@
+From f5b2fa90e0c0324f31e72429e7a7382f49a25912 Mon Sep 17 00:00:00 2001
+From: Shen Jiamin <shen_jiamin@comp.nus.edu.sg>
+Date: Wed, 24 Jul 2024 18:58:55 +0800
+Subject: [PATCH] fix(zynqmp): handle secure SGI at EL1 for OP-TEE
+
+OP-TEE requires SGIs to be handled at S-EL1. The
+Makefile was not properly setting the flag
+GICV2_G0_FOR_EL3 to 0 when the SPD is OP-TEE.
+
+Change-Id: I256afa37ddf4ad4a154c43d51807de670c3689bb
+Signed-off-by: Shen Jiamin <shen_jiamin@comp.nus.edu.sg>
+---
+ plat/xilinx/zynqmp/platform.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Upstream-Status: Backport
+
+diff --git a/plat/xilinx/zynqmp/platform.mk b/plat/xilinx/zynqmp/platform.mk
+index c340009d0..22eceb621 100644
+--- a/plat/xilinx/zynqmp/platform.mk
++++ b/plat/xilinx/zynqmp/platform.mk
+@@ -21,7 +21,7 @@ ENABLE_LTO := 1
+ EL3_EXCEPTION_HANDLING := $(SDEI_SUPPORT)
+
+ # pncd SPD requires secure SGI to be handled at EL1
+-ifeq (${SPD}, $(filter ${SPD},pncd tspd))
++ifeq (${SPD}, $(filter ${SPD},pncd tspd opteed))
+ ifeq (${ZYNQMP_WDT_RESTART},1)
+ $(error "Error: ZYNQMP_WDT_RESTART and SPD=pncd are incompatible")
+ endif
+--
+2.34.1
+
new file mode 100644
@@ -0,0 +1,33 @@
+From b91c651e6d596cfe27448b19c8fb2f1168493827 Mon Sep 17 00:00:00 2001
+From: Mikko Rapeli <mikko.rapeli@linaro.org>
+Date: Mon, 15 Jan 2024 09:26:56 +0000
+Subject: [PATCH] qemu_measured_boot.c: ignore TPM error and continue with boot
+
+If firmware is configured with TPM support but it's missing
+on HW, e.g. swtpm not started and/or configured with qemu,
+then continue booting. Missing TPM is not a fatal error.
+Enables testing boot without TPM device to see that
+missing TPM is detected further up the SW stack and correct
+fallback actions are taken.
+
+Upstream-Status: Pending
+
+Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
+---
+ plat/qemu/qemu/qemu_measured_boot.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/plat/qemu/qemu/qemu_measured_boot.c b/plat/qemu/qemu/qemu_measured_boot.c
+index 76a4da17e6a9..ec7f44d3720d 100644
+--- a/plat/qemu/qemu/qemu_measured_boot.c
++++ b/plat/qemu/qemu/qemu_measured_boot.c
+@@ -80,7 +80,8 @@ void bl2_plat_mboot_finish(void)
+ * Note: In QEMU platform, OP-TEE uses nt_fw_config to get the
+ * secure Event Log buffer address.
+ */
+- panic();
++ ERROR("Ignoring TPM errors, continuing without\n");
++ return;
+ }
+
+ /* Copy Event Log to Non-secure memory */
TF-A Patches were erroneously moved to meta-arm-bsp, despite still being needed by the recipes in meta-arm. Copy them back and make copious apologies. Signed-off-by: Jon Mason <jon.mason@arm.com> --- ...-handle-secure-SGI-at-EL1-for-OP-TEE.patch | 33 +++++++++++++++++++ ...ot.c-ignore-TPM-error-and-continue-w.patch | 33 +++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 meta-arm/recipes-bsp/trusted-firmware-a/files/0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch create mode 100644 meta-arm/recipes-bsp/trusted-firmware-a/files/0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch