new file mode 100644
@@ -0,0 +1,41 @@
+From 2d305094f8f500362079e9e7637d46129bf980e4 Mon Sep 17 00:00:00 2001
+From: Adam Johnston <adam.johnston@arm.com>
+Date: Tue, 25 Jul 2023 16:05:51 +0000
+Subject: [PATCH] n1sdp: Reserve OP-TEE memory from NWd
+
+The physical memory which is used to run OP-TEE on the N1SDP is known
+to the secure world via TOS_FW_CONFIG, but it may not be known to the
+normal world.
+
+As a precaution, explicitly reserve this memory via NT_FW_CONFIG to
+prevent the normal world from using it. This is not required on most
+platforms as the Trusted OS is run from secure RAM.
+
+Upstream-Status: Pending (not yet submited to upstream)
+Signed-off-by: Adam Johnston <adam.johnston@arm.com>
+---
+ plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts b/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
+index da5e04ddb6..b7e2d4e86f 100644
+--- a/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
++++ b/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
+@@ -20,4 +20,16 @@
+ local-ddr-size = <0x0>;
+ remote-ddr-size = <0x0>;
+ };
++
++ reserved-memory {
++ #address-cells = <2>;
++ #size-cells = <2>;
++ ranges;
++
++ optee@0x08000000 {
++ compatible = "removed-dma-pool";
++ reg = <0x0 0x08000000 0x0 0x02000000>;
++ no-map;
++ };
++ };
+ };
+\ No newline at end of file
@@ -9,6 +9,12 @@ TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
+FILESEXTRAPATHS:prepend := "${THISDIR}/files/n1sdp:"
+
+SRC_URI:append = " \
+ file://0001-Reserve-OP-TEE-memory-from-nwd.patch \
+ "
+
TFA_ROT_KEY= "plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
# Enabling Secure-EL1 Payload Dispatcher (SPD)