Commitments to the LEDGE SC
Upstream TRS secure boot and TPM based encryption to OpenEmbedded
arm64 gets a reference secure build for arm64 platforms
patches to meta-arm fTPM /tf-a patchesand TF-A
uki.bbclass and tests for poky
dm-verity, systemd and initramfs for meta-security
improve systemd TPM module loading support
Patches merged upstream
Minimal support for TRS
TRS builds latest poky, meta-arm etc upstream main/master branches
Regressions get fixed and submitted back to upstream projects
TS maintenance
TS 0.5 release
TS builds latest poky, meta-arm etc main/master branches
Regressions get get fixed and submitted back to upstream project
...
OP-TEE maintenance
OP-TEE patch reviews and merges
OP-TEE releases
OP-TEE supplicant moved in kernel
Enhance Linux userspace and make it easier for distros to use Secure UEFI variables and TPMs
Merge patches in kernel upstream
U-Boot Memory Tagging extensions PoC
Provide out of tree patches that enable MTE support
Decide if it’s worth merging those upstream
Dynamic memory support for OP-TEE
OP-TEE improved memory usage
Patches merged in OP-TEE
XEN & FF-A async notifications
FF-A improved support for XEN
Patches merged to XEN and/or OP-TEE
...