[PATCH 0/2] rockchip: rk3576: Fix DMA transfer of TF-A to PMU_SRAM

Thu, 08 Jan 2026 05:38:50 -0800 

The firewall block access to pmu sram for non-secure masters by default
after reset (0xffffbfff) on RK3576.

This series changes the pmu lookup configuration to match the default
lookup config for ddr and system sram (0xffff3fff) to allow loading of
TF-A using DMA. It also drops the u-boot specific no-dma/fifo props
currently used to workaround the DMA load issue.

Mainline TF-A will re-configure the firewall to use an even less
restrictive lookup (0xbffe3ff0), so this change is not expected to have
any real security implication.

This has been tested on a ROCK 4D and NanoPi R76S with loading TF-A from
eMMC, SD-card and SPI flash.

Trying to use DMA transfer without this series:

  U-Boot SPL 2026.01 (Jan 08 2026 - 13:18:01 +0000)
  Trying to boot from MMC2
  ## Checking hash(es) for config config-1 ... OK
  mmc_load_image_raw_sector: mmc block read error
  Error: -38
  SPL: Unsupported Boot Device!
  Trying to boot from MMC1
  ## Checking hash(es) for config config-1 ... OK
  mmc_load_image_raw_sector: mmc block read error
  Error: -38
  SPL: Unsupported Boot Device!
  SPL: failed to boot from all boot devices
  ### ERROR ### Please RESET the board ###

With this series applied:

  U-Boot SPL 2026.01 (Jan 08 2026 - 13:21:35 +0000)
  Trying to boot from MMC2
  ## Checking hash(es) for config config-1 ... OK
  ## Checking hash(es) for Image atf-1 ... sha256+ OK
  ## Checking hash(es) for Image u-boot ... sha256+ OK
  ## Checking hash(es) for Image fdt-1 ... sha256+ OK
  ## Checking hash(es) for Image atf-2 ... sha256+ OK
  ## Checking hash(es) for Image atf-3 ... sha256+ OK
  INFO:    Preloader serial: 0
  NOTICE:  BL31: v2.3():v2.3-940-gb0834f9a2:derrick.huang, fwver: v1.21
  NOTICE:  BL31: Built : 12:00:50, Jun 27 2025

Please note that the technical details and naming of the involved parts
may be wrong as this is just been based on the limited details in
firewall.c/h from TF-A source and printing out content of FW regs.

Jonas Karlman (2):
  rockchip: rk3576: Allow pmu sram access for non-secure masters
  rockchip: rk3576: Use DMA when loading FIT images

 arch/arm/dts/rk3576-u-boot.dtsi        | 4 ----
 arch/arm/mach-rockchip/rk3576/rk3576.c | 6 ++++++
 2 files changed, 6 insertions(+), 4 deletions(-)

-- 
2.52.0

Reply via email to