diff --git a/drivers/fastboot/fb_fsl/fastboot_lock_unlock.c b/drivers/fastboot/fb_fsl/fastboot_lock_unlock.c
index a6ca0e3..3d0d014 100644
--- a/drivers/fastboot/fb_fsl/fastboot_lock_unlock.c
+++ b/drivers/fastboot/fb_fsl/fastboot_lock_unlock.c
@@ -449,18 +449,28 @@ fail:
 
 }
 FbLockEnableResult fastboot_lock_enable() {
-	struct blk_desc *fs_dev_desc;
-	disk_partition_t fs_partition;
-	unsigned char *bdata;
-	int mmc_id;
-	FbLockEnableResult ret;
-
 #ifdef CONFIG_DUAL_BOOTLOADER
 	/* Always allow unlock device in spl recovery mode. */
 	if (is_spl_recovery())
 		return FASTBOOT_UL_ENABLE;
 #endif
 
+#ifdef CONFIG_IMX_TRUSTY_OS
+	int ret;
+	uint8_t oem_device_unlock;
+
+	ret = trusty_read_oem_unlock_device_permission(&oem_device_unlock);
+	if (ret < 0)
+		return FASTBOOT_UL_ERROR;
+	else
+		return oem_device_unlock;
+#else /* CONFIG_IMX_TRUSTY_OS */
+	FbLockEnableResult ret;
+	struct blk_desc *fs_dev_desc;
+	disk_partition_t fs_partition;
+	unsigned char *bdata;
+	int mmc_id;
+
 	bdata = (unsigned char *)memalign(ALIGN_BYTES, SECTOR_SIZE);
 	if (bdata == NULL)
 		return FASTBOOT_UL_ERROR;
@@ -500,6 +510,7 @@ FbLockEnableResult fastboot_lock_enable() {
 fail:
 	free(bdata);
 	return ret;
+#endif /* CONFIG_IMX_TRUSTY_OS */
 
 }
 #endif
diff --git a/include/interface/avb/avb.h b/include/interface/avb/avb.h
index 608f6af..f9da80c 100644
--- a/include/interface/avb/avb.h
+++ b/include/interface/avb/avb.h
@@ -44,6 +44,8 @@ enum avb_command {
     LOCK_BOOT_STATE            = (7 << AVB_REQ_SHIFT),
     READ_VBMETA_PUBLIC_KEY     = (8 << AVB_REQ_SHIFT),
     WRITE_VBMETA_PUBLIC_KEY    = (9 << AVB_REQ_SHIFT),
+    WRITE_OEM_UNLOCK_DEVICE_PERMISSION     = (10 << AVB_REQ_SHIFT),
+    READ_OEM_UNLOCK_DEVICE_PERMISSION      = (11 << AVB_REQ_SHIFT),
 };
 
 /**
diff --git a/include/trusty/avb.h b/include/trusty/avb.h
index daaac2c..0212807 100644
--- a/include/trusty/avb.h
+++ b/include/trusty/avb.h
@@ -116,5 +116,11 @@ int trusty_write_lock_state(uint8_t lock_state);
  * Returns one of trusty_err.
  */
 int trusty_lock_boot_state(void);
+/*
+ * Send request to secure side to read oem device unlock state from RPMB.
+ *
+ * Returns one of trusty_err.
+ */
+int trusty_read_oem_unlock_device_permission(uint8_t *lock_state);
 
 #endif /* TRUSTY_AVB_H_ */
diff --git a/lib/trusty/ql-tipc/avb.c b/lib/trusty/ql-tipc/avb.c
index 95b26fd..937cafc 100644
--- a/lib/trusty/ql-tipc/avb.c
+++ b/lib/trusty/ql-tipc/avb.c
@@ -260,3 +260,10 @@ int trusty_lock_boot_state(void)
 {
     return avb_do_tipc(LOCK_BOOT_STATE, NULL, 0, NULL, NULL);
 }
+
+int trusty_read_oem_unlock_device_permission(uint8_t *oem_device_unlock)
+{
+    uint32_t resp_size = sizeof(*oem_device_unlock);
+    return avb_do_tipc(READ_OEM_UNLOCK_DEVICE_PERMISSION, NULL, 0, oem_device_unlock,
+                       &resp_size);
+}