RK3506B: FW_DDR secure-region enforcement — what does the vendor TEE do?

Owen O'Hehir electronicconsult1 at gmail.com
Sun May 17 21:13:42 CEST 2026


Hello Jonas,

I noticed your recent work on the RK3506. I've been working on
replacing the closed `rk3506_tee` blob on an RK3506B (Luckfox Lyra
Ultra) with an upstream from-source OP-TEE build & made some decent
progress but one part that I'm stuck on is DDR firewall (FW_DDR, base
`0xff5f0000`) locking the secure DRAM region against the non-secure
CPU master. I believe you skipped the secure world element but I
wonder would you have any ideas?

So far I can:
- program the region-map + CON + per-master (MST) registers and can
read them back,
- reproduce the exact register/value/ordering sequence that the vendor
secure firmware uses.

I've verified:
- With the same idbloader/SPL (mainline-style U-Boot `arch_cpu_init`,
which only does the MST grants), the vendor TEE enforces but my OP-TEE
does not; NS still reads/writes the region.
- The SGRF slave-security set is identical between the two.

So there appears to be a precondition outside the FW_DDR register
block that is set by the vendor secure firmware's broader init that
makes region checks actually apply to the A7 NS master.

If you or anyone has any pointers to the FW_DDR register summary or
how to set this it would be gratefully appreciated!

Regards,

Owen

