blob: 2db7bbdb42ecb9e267850762e2a88f908c180d9e [file] [log] [blame]
Bryan Brattlof6d138132022-12-19 14:29:50 -06001.. SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
2.. sectionauthor:: Bryan Brattlof <bb@ti.com>
3
4K3 Generation
5=============
6
7Summary
8-------
9
10Texas Instrument's K3 family of SoCs utilize a heterogeneous multicore
11and highly integrated device architecture targeted to maximize
12performance and power efficiency for a wide range of industrial,
13automotive and other broad market segments.
14
15Typically the processing cores and the peripherals for these devices are
16partitioned into three functional domains to provide ultra-low power
17modes as well as accommodating application and industrial safety systems
18on the same SoC. These functional domains are typically called the:
19
20* Wakeup (WKUP) domain
21* Micro-controller (MCU) domain
22* Main domain
23
24For a more detailed view of what peripherals are attached to each
25domain, consult the device specific documentation.
26
27K3 Based SoCs
28-------------
29
30.. toctree::
31 :maxdepth: 1
32
33 j721e_evm
Udit Kumared92ede2023-05-11 14:47:48 +053034 j7200_evm
Bryan Brattlof6d138132022-12-19 14:29:50 -060035 am62x_sk
Neha Malcom Francis507be122023-07-22 00:14:43 +053036 am65x_evm
Bryan Brattlof6d138132022-12-19 14:29:50 -060037
38Boot Flow Overview
39------------------
40
41For all K3 SoCs the first core started will be inside the Security
42Management Subsystem (SMS) which will secure the device and start a core
43in the wakeup domain to run the ROM code. ROM will then initialize the
44boot media needed to load the binaries packaged inside `tiboot3.bin`,
45including a 32bit U-Boot SPL, (called the wakup SPL) that ROM will jump
46to after it has finished loading everything into internal SRAM.
47
48.. code-block:: text
49
50 | WKUP Domain
51 ROM -> WKUP SPL ->
52
53The wakeup SPL, running on a wakeup domain core, will initialize DDR and
54any peripherals needed load the larger binaries inside the `tispl.bin`
55into DDR. Once loaded the wakeup SPL will start one of the 'big'
56application cores inside the main domain to initialize the main domain,
Neha Malcom Francis507be122023-07-22 00:14:43 +053057starting with Trusted Firmware-A (TF-A), before moving on to start
58OP-TEE and the main domain's U-Boot SPL.
Bryan Brattlof6d138132022-12-19 14:29:50 -060059
60.. code-block:: text
61
62 | WKUP Domain | Main Domain ->
Neha Malcom Francis507be122023-07-22 00:14:43 +053063 ROM -> WKUP SPL -> TF-A -> OP-TEE -> Main SPL
Bryan Brattlof6d138132022-12-19 14:29:50 -060064
65The main domain's SPL, running on a 64bit application core, has
66virtually unlimited space (billions of bytes now that DDR is working) to
67initialize even more peripherals needed to load in the `u-boot.img`
68which loads more firmware into the micro-controller & wakeup domains and
69finally prepare the main domain to run Linux.
70
71.. code-block:: text
72
73 | WKUP Domain | Main Domain ->
Neha Malcom Francis507be122023-07-22 00:14:43 +053074 ROM -> WKUP SPL -> TF-A -> OP-TEE -> Main SPL -> UBoot -> Linux
Bryan Brattlof6d138132022-12-19 14:29:50 -060075
76This is the typical boot flow for all K3 based SoCs, however this flow
77offers quite a lot in the terms of flexibility, especially on High
78Security (HS) SoCs.
79
80Boot Flow Variations
81^^^^^^^^^^^^^^^^^^^^
82
83All K3 SoCs will generally use the above boot flow with two main
84differences depending on the capabilities of the boot ROM and the number
85of cores inside the device. These differences split the bootflow into
86essentially 4 unique but very similar flows:
87
88* Split binary with a combined firmware: (eg: AM65)
89* Combined binary with a combined firmware: (eg: AM64)
90* Split binary with a split firmware: (eg: J721E)
91* Combined binary with a split firmware: (eg: AM62)
92
93For devices that utilize the split binary approach, ROM is not capable
94of loading the firmware into the SoC requiring the wakeup domain's
95U-Boot SPL to load the firmware.
96
97Devices with a split firmware will have two firmwares loaded into the
98device at different times during the bootup process. TI's Foundational
99Security (TIFS), needed to operate the Security Management Subsystem,
100will either be loaded by ROM or the WKUP U-Boot SPL, then once the
101wakeup U-Boot SPL has completed, the second Device Management (DM)
102firmware can be loaded on the now free core in the wakeup domain.
103
104For more information on the bootup process of your SoC, consult the
105device specific boot flow documentation.
106
107Software Sources
108----------------
109
110All scripts and code needed to build the `tiboot3.bin`, `tispl.bin` and
111`u-boot.img` for all K3 SoCs can be located at the following places
112online
113
114* **Das U-Boot**
115
116 | **source:** https://source.denx.de/u-boot/u-boot.git
117 | **branch:** master
118
Neha Malcom Francis507be122023-07-22 00:14:43 +0530119* **Trusted Firmware-A (TF-A)**
Bryan Brattlof6d138132022-12-19 14:29:50 -0600120
Neha Malcom Francis507be122023-07-22 00:14:43 +0530121 | **source:** https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/
Bryan Brattlof6d138132022-12-19 14:29:50 -0600122 | **branch:** master
123
Neha Malcom Francis507be122023-07-22 00:14:43 +0530124* **Open Portable Trusted Execution Environment (OP-TEE)**
Bryan Brattlof6d138132022-12-19 14:29:50 -0600125
126 | **source:** https://github.com/OP-TEE/optee_os.git
127 | **branch:** master
128
129* **TI Firmware (TIFS, DM, DSMC)**
130
131 | **source:** https://git.ti.com/git/processor-firmware/ti-linux-firmware.git
132 | **branch:** ti-linux-firmware
133
Bryan Brattlof6d138132022-12-19 14:29:50 -0600134Build Procedure
135---------------
136
137Depending on the specifics of your device, you will need three or more
138binaries to boot your SoC.
139
140* `tiboot3.bin` (bootloader for the wakeup domain)
141* `tispl.bin` (bootloader for the main domain)
142* `u-boot.img`
143
144During the bootup process, both the 32bit wakeup domain and the 64bit
145main domains will be involved. This means everything inside the
146`tiboot3.bin` running in the wakeup domain will need to be compiled for
14732bit cores and most binaries in the `tispl.bin` will need to be
148compiled for 64bit main domain CPU cores.
149
150All of that to say you will need both a 32bit and 64bit cross compiler
151(assuming you're using an x86 desktop)
152
153.. code-block:: bash
154
Neha Malcom Francis507be122023-07-22 00:14:43 +0530155 $ export CC32=arm-linux-gnueabihf-
156 $ export CC64=aarch64-linux-gnu-
Bryan Brattlof6d138132022-12-19 14:29:50 -0600157
158Building tiboot3.bin
159^^^^^^^^^^^^^^^^^^^^^
160
1611. To generate the U-Boot SPL for the wakeup domain, use the following
162 commands, substituting :code:`{SOC}` for the name of your device (eg:
Neha Malcom Francis507be122023-07-22 00:14:43 +0530163 am62x) to package the various firmware and the wakeup UBoot SPL into
164 the final `tiboot3.bin` binary. (or the `sysfw.itb` if your device
165 uses the split binary flow)
Bryan Brattlof6d138132022-12-19 14:29:50 -0600166
Bryan Brattlof6d138132022-12-19 14:29:50 -0600167
168.. code-block:: bash
169
Neha Malcom Francis507be122023-07-22 00:14:43 +0530170 $ # inside u-boot source
171 $ make ARCH=arm {SOC}_evm_r5_defconfig
172 $ make ARCH=arm CROSS_COMPILE=$CC32 \
173 BINMAN_INDIRS=<path/to/ti-linux-firmware>
Bryan Brattlof6d138132022-12-19 14:29:50 -0600174
175At this point you should have all the needed binaries to boot the wakeup
176domain of your K3 SoC.
177
178**Combined Binary Boot Flow** (eg: am62x, am64x, ... )
179
Neha Malcom Francis507be122023-07-22 00:14:43 +0530180 `tiboot3-{SOC}-{gp/hs-fs/hs}.bin`
Bryan Brattlof6d138132022-12-19 14:29:50 -0600181
182**Split Binary Boot Flow** (eg: j721e, am65x)
183
Neha Malcom Francis507be122023-07-22 00:14:43 +0530184 | `tiboot3-{SOC}-{gp/hs-fs/hs}.bin`
185 | `sysfw-{SOC}-{gp/hs-fs/hs}-evm.itb`
Bryan Brattlof6d138132022-12-19 14:29:50 -0600186
187.. note ::
188
189 It's important to rename the generated `tiboot3.bin` and `sysfw.itb`
190 to match exactly `tiboot3.bin` and `sysfw.itb` as ROM and the wakeup
191 UBoot SPL will only look for and load the files with these names.
192
193Building tispl.bin
194^^^^^^^^^^^^^^^^^^^
195
196The `tispl.bin` is a standard fitImage combining the firmware need for
197the main domain to function properly as well as Device Management (DM)
198firmware if your device using a split firmware.
199
Neha Malcom Francis507be122023-07-22 00:14:43 +05302002. We will first need TF-A, as it's the first thing to run on the 'big'
Bryan Brattlof6d138132022-12-19 14:29:50 -0600201 application cores on the main domain.
202
203.. code-block:: bash
204
Neha Malcom Francis507be122023-07-22 00:14:43 +0530205 $ # inside trusted-firmware-a source
206 $ make CROSS_COMPILE=$CC64 ARCH=aarch64 PLAT=k3 \
207 TARGET_BOARD={lite|generic|j784s4} \
208 SPD=opteed
Bryan Brattlof6d138132022-12-19 14:29:50 -0600209
Neha Malcom Francis507be122023-07-22 00:14:43 +0530210Typically all `j7*` devices will use `TARGET_BOARD=generic` or `TARGET_BOARD
211=j784s4` (if it is a J784S4 device), while all Sitara (`am6*`) devices
212use the `lite` option.
Bryan Brattlof6d138132022-12-19 14:29:50 -0600213
Neha Malcom Francis507be122023-07-22 00:14:43 +05302143. The Open Portable Trusted Execution Environment (OP-TEE) is designed
Bryan Brattlof6d138132022-12-19 14:29:50 -0600215 to run as a companion to a non-secure Linux kernel for Cortex-A cores
216 using the TrustZone technology built into the core.
217
218.. code-block:: bash
219
Neha Malcom Francis507be122023-07-22 00:14:43 +0530220 $ # inside optee_os source
221 $ make CROSS_COMPILE=$CC32 CROSS_COMPILE64=$CC64 \
Bryan Brattlof6d138132022-12-19 14:29:50 -0600222 PLATFORM=k3 CFG_ARM64_core=y
223
Neha Malcom Francis507be122023-07-22 00:14:43 +05302244. Finally, after TF-A has initialized the main domain and OP-TEE has
Bryan Brattlof6d138132022-12-19 14:29:50 -0600225 finished, we can jump back into U-Boot again, this time running on a
226 64bit core in the main domain.
227
228.. code-block:: bash
229
Neha Malcom Francis507be122023-07-22 00:14:43 +0530230 $ # inside u-boot source
231 $ make ARCH=arm {SOC}_evm_a{53,72}_defconfig
232 $ make ARCH=arm CROSS_COMPILE=$CC64 \
233 BINMAN_INDIRS=<path/to/ti-linux-firmware> \
234 BL31=<path/to/trusted-firmware-a/dir>/build/k3/generic/release/bl31.bin \
235 TEE=<path/to/optee_os/dir>/out/arm-plat-k3/core/tee-raw.bin
Bryan Brattlof6d138132022-12-19 14:29:50 -0600236
237At this point you should have every binary needed initialize both the
238wakeup and main domain and to boot to the U-Boot prompt
239
240**Main Domain Bootloader**
241
Neha Malcom Francis507be122023-07-22 00:14:43 +0530242 | `tispl.bin` for HS devices or `tispl.bin_unsigned` for GP devices
243 | `u-boot.img` for HS devices or `u-boot.img_unsigned` for GP devices
Manorit Chawdhryce7a62f2023-07-14 11:22:29 +0530244
245Fit Signature Signing
246---------------------
247
248K3 Platforms have fit signature signing enabled by default on their primary
249platforms. Here we'll take an example for creating fit image for J721e platform
250and the same can be extended to other platforms
251
2521. Describing FIT source
253
254 .. code-block:: bash
255
256 /dts-v1/;
257
258 / {
259 description = "Kernel fitImage for j721e-hs-evm";
260 #address-cells = <1>;
261
262 images {
263 kernel-1 {
264 description = "Linux kernel";
265 data = /incbin/("Image");
266 type = "kernel";
267 arch = "arm64";
268 os = "linux";
269 compression = "none";
270 load = <0x80080000>;
271 entry = <0x80080000>;
272 hash-1 {
273 algo = "sha512";
274 };
275
276 };
277 fdt-ti_k3-j721e-common-proc-board.dtb {
278 description = "Flattened Device Tree blob";
279 data = /incbin/("k3-j721e-common-proc-board.dtb");
280 type = "flat_dt";
281 arch = "arm64";
282 compression = "none";
283 load = <0x83000000>;
284 hash-1 {
285 algo = "sha512";
286 };
287
288 };
289 };
290
291 configurations {
292 default = "conf-ti_k3-j721e-common-proc-board.dtb";
293 conf-ti_k3-j721e-common-proc-board.dtb {
294 description = "Linux kernel, FDT blob";
295 fdt = "fdt-ti_k3-j721e-common-proc-board.dtb";
296 kernel = "kernel-1";
297 signature-1 {
298 algo = "sha512,rsa4096";
299 key-name-hint = "custMpk";
300 sign-images = "kernel", "fdt";
301 };
302 };
303 };
304 };
305
306 You would require to change the '/incbin/' lines to point to the respective
307 files in your local machine and the key-name-hint also needs to be changed
308 if you are using some other key other than the TI dummy key that we are
309 using for this example.
310
3112. Compile U-boot for the respective board
312
313 .. code-block:: bash
314
315 make O=build/a72 CROSS_COMPILE=aarch64-none-linux-gnu- ARCH=arm
316 BL31=/path/to/bl31.bin TEE=/path/to/bl32.bin
317 BINMAN_INDIRS="/path/to/ti-linux-firmware" -j15
318
319 .. note::
320
321 The changes only affect a72 binaries so the example just builds that
322
3233. Sign the fit image and embed the dtb in uboot
324
325 Now once the build is done, you'll have a dtb for your board that you'll
326 be passing to mkimage for signing the fitImage and embedding the key in
327 the u-boot dtb.
328
329 .. code-block:: bash
330
331 mkimage -r -f fitImage.its -k $UBOOT_PATH/board/ti/keys -K
332 $UBOOT_PATH/build/a72/dts/dt.dtb
333
334 For signing a secondary platform, pass the -K parameter to that DTB
335
336 .. code-block:: bash
337
338 mkimage -f fitImage.its -k $UBOOT_PATH/board/ti/keys -K
339 $UBOOT_PATH/build/a72/arch/arm/dts/k3-j721e-sk.dtb
340
341 .. note::
342
343 If changing `CONFIG_DEFAULT_DEVICE_TREE` to the secondary platform,
344 binman changes would also be required so that correct dtb gets packaged.
345
346 .. code-block:: bash
347
348 diff --git a/arch/arm/dts/k3-j721e-binman.dtsi b/arch/arm/dts/k3-j721e-binman.dtsi
349 index 673be646b1e3..752fa805fe8d 100644
350 --- a/arch/arm/dts/k3-j721e-binman.dtsi
351 +++ b/arch/arm/dts/k3-j721e-binman.dtsi
352 @@ -299,8 +299,8 @@
353 #define SPL_J721E_SK_DTB "spl/dts/k3-j721e-sk.dtb"
354
355 #define UBOOT_NODTB "u-boot-nodtb.bin"
356 -#define J721E_EVM_DTB "u-boot.dtb"
357 -#define J721E_SK_DTB "arch/arm/dts/k3-j721e-sk.dtb"
358 +#define J721E_EVM_DTB "arch/arm/dts/k3-j721e-common-proc-board.dtb"
359 +#define J721E_SK_DTB "u-boot.dtb"
360
3615. Rebuilt u-boot
362
363 This is required so that the modified dtb gets updated in u-boot.img
364
365 .. code-block:: bash
366
367 make O=build/a72 CROSS_COMPILE=aarch64-none-linux-gnu- ARCH=arm
368 BL31=/path/to/bl31.bin TEE=/path/to/bl32.bin
369 BINMAN_INDIRS="/path/to/ti-linux-firmware" -j15
370
3716. (Optional) Enabled FIT_SIGNATURE_ENFORCED
372
373 By default u-boot will boot up the fit image without any authentication as
374 such if the public key is not embedded properly, to check if the public key
375 nodes are proper you can enable FIT_SIGNATURE_ENFORCED that would not rely
376 on the dtb for anything else then the signature node for checking the fit
377 image, rest other things will be enforced such as the property of
378 required-keys. This is not an extensive check so do manual checks also
379
380 This is by default enabled for devices with TI_SECURE_DEVICE enabled.
381
382.. note::
383
384 The devices now also have distroboot enabled so if the fit image doesn't
385 work then the fallback to normal distroboot will be there on hs devices,
386 this will need to be explicitly disabled by changing the boot_targets.
387
388Saving environment
389------------------
390
391SAVEENV is disabled by default and for the new flow uses Uenv.txt as the default
392way for saving the environments. This has been done as Uenv.txt is more granular
393then the saveenv command and can be used across various bootmodes too.
394
395**Writing to MMC/EMMC**
396
397.. code-block::
398
399 => env export -t $loadaddr <list of variables>
400 => fatwrite mmc ${mmcdev} ${loadaddr} ${bootenvfile} ${filesize}
401
402**Reading from MMC/EMMC**
403
404By default run envboot will read it from the MMC/EMMC partition ( based on
405mmcdev) and set the environments.
406
407If manually needs to be done then the environment can be read from the
408filesystem and then imported
409
410.. code-block::
411
412 => fatload mmc ${mmcdev} ${loadaddr} ${bootenvfile}
413 => env import -t ${loadaddr} ${filesize}