May - August 2024

Upstream TRS secure boot and TPM based encryption
- meta-arm merges our fTPM/tf-a patches
- poky merges our uki.bbclass and tests
- meta-security merges our dm-verity, systemd initramfs patches
- improve systemd TPM module loading support
Minimal support for TRS
- TRS builds latest poky, meta-arm etc upstream main/master branches
- Regressions get fixed and submitted back to upstream projects
TS maintenance
- TS 0.5 release
- TS builds latest poky, meta-arm etc main/master branches
- Regressions get get fixed and submitted back to upstream project

OP-TEE maintenance
- OP-TEE patch reviews and merges
- OP-TEE releases
OP-TEE supplicant moved in kernel
- Enhance Linux userspace and make it easier for distros to use Secure UEFI variables and TPMs
- Merge patches in kernel upstream
U-Boot Memory Tagging extensions PoC
- Provide out of tree patches that enable MTE support
- Decide if it’s worth merging those upstream
Dynamic memory support for OP-TEE
- OP-TEE improved memory usage
- Patches merged in OP-TEE
XEN & FF-A async notifications
- FF-A improved support for XEN
- Patches merged to XEN and/or OP-TEE

ACS conformance for RB2
- Capsule update support for RB2 merged in U-Boot
- ACS passing successfully on RB2
- Fedora support for RB2 – Fedora public .iso installs on RB2 boards
U-Boot enhancements
- Dynamic UUIDs for capsule updates. Patches merged upstream
- USB support for RB5. Patches merged upstream