I am working for Trustonic, a TEE maker and I would like to know if the support for TrustZone is enabled for this board.
Do you have any details about the boot sequence?
Is it possible to get the sources of the Trusted Firmware which is running at EL3 or the TEE running at EL1 (in the Secure World)?
Are the images signed? Is it possible to replace them?
Thank you,


As far as I can tell, the firmware never writes to either MVBAR or VBAR_EL3, and ends up dropping to EL1-NS just before entering the kernel.

So my guess is that either nothing runs there once the kernel has been entered, or there is something in ROM (though very unlikely)

Either way, it looks like binary patching this firmware is pretty easy, and the rumour is that images are not signed. Yet. I’m planning to try something as soon as I get hold of a 1.8v serial adapter.




The source for a port of ARM Trusted Firmware is available on github at:

Nothing is signed. You should be able to replace everything.


We (Security WG at Linaro) have just recently ported OP-TEE to Hikey. So, yes, you can definitely do TrustZone development on this board. For more information please this link.