1*74ac1efcSAhmed AzeemRD-1 AE (Kronos) Platform 2*74ac1efcSAhmed Azeem========================= 3*74ac1efcSAhmed Azeem 4*74ac1efcSAhmed AzeemSome of the features of the RD-1 AE platform referenced in TF-A include: 5*74ac1efcSAhmed Azeem 6*74ac1efcSAhmed Azeem- Neoverse-V3AE, Arm9.2-A application processor (64-bit mode) 7*74ac1efcSAhmed Azeem- A GICv4-compatible GIC-720AE 8*74ac1efcSAhmed Azeem 9*74ac1efcSAhmed AzeemFurther information on RD1-AE is available at `rd1ae`_ 10*74ac1efcSAhmed Azeem 11*74ac1efcSAhmed AzeemBoot Sequence 12*74ac1efcSAhmed Azeem------------- 13*74ac1efcSAhmed Azeem 14*74ac1efcSAhmed AzeemThe boot process starts from RSE (Runtime Security Engine) that loads the 15*74ac1efcSAhmed AzeemApplication Processor (AP) BL2 image and signals the System Control Processor (SCP) 16*74ac1efcSAhmed Azeemto power up the AP. The AP then runs AP BL2 17*74ac1efcSAhmed Azeem 18*74ac1efcSAhmed AzeemThe primary compute boot flow follows the following steps: 19*74ac1efcSAhmed Azeem 20*74ac1efcSAhmed Azeem1. AP BL2: 21*74ac1efcSAhmed Azeem 22*74ac1efcSAhmed Azeem * Performs the actions described in the `Trusted Board Boot (TBB)`_ document. 23*74ac1efcSAhmed Azeem * Copies the AP BL31 image from Secure Flash to Secure SRAM 24*74ac1efcSAhmed Azeem * Copies the AP BL32 (OP-TEE) image from Secure Flash to Secure DRAM 25*74ac1efcSAhmed Azeem * Copies the AP BL33 (U-Boot) image from Secure Flash to Normal DRAM 26*74ac1efcSAhmed Azeem * Transfers the execution to AP BL31 27*74ac1efcSAhmed Azeem 28*74ac1efcSAhmed Azeem2. AP BL31: 29*74ac1efcSAhmed Azeem 30*74ac1efcSAhmed Azeem * Initializes Trusted Firmware-A Services 31*74ac1efcSAhmed Azeem * Transfers the execution to AP BL32 and then transfers the execution to AP BL33 32*74ac1efcSAhmed Azeem * During runtime, acts as the Secure Monitor, handling SMC calls, 33*74ac1efcSAhmed Azeem and context switching between secure and non-secure worlds. 34*74ac1efcSAhmed Azeem 35*74ac1efcSAhmed Azeem3. AP BL32: 36*74ac1efcSAhmed Azeem 37*74ac1efcSAhmed Azeem * Initializes OP-TEE environment 38*74ac1efcSAhmed Azeem * Initializes Secure Partitions 39*74ac1efcSAhmed Azeem * Transfers the execution back to AP BL31 40*74ac1efcSAhmed Azeem * During runtime, it facilitates secure communication between the 41*74ac1efcSAhmed Azeem normal world environment (e.g. Linux) and the Trusted Execution Environment. 42*74ac1efcSAhmed Azeem 43*74ac1efcSAhmed AzeemBuild Procedure (TF-A only) 44*74ac1efcSAhmed Azeem~~~~~~~~~~~~~~~~~~~~~~~~~~~ 45*74ac1efcSAhmed Azeem 46*74ac1efcSAhmed Azeem- Obtain `Arm toolchain`_ and set the CROSS_COMPILE environment variable to 47*74ac1efcSAhmed Azeem point to the toolchain folder. 48*74ac1efcSAhmed Azeem 49*74ac1efcSAhmed Azeem- Build TF-A: 50*74ac1efcSAhmed Azeem 51*74ac1efcSAhmed Azeem .. code:: shell 52*74ac1efcSAhmed Azeem 53*74ac1efcSAhmed Azeem make \ 54*74ac1efcSAhmed Azeem PLAT=rd1ae \ 55*74ac1efcSAhmed Azeem MBEDTLS_DIR=<mbedtls_dir> \ 56*74ac1efcSAhmed Azeem ARCH=aarch64 \ 57*74ac1efcSAhmed Azeem CREATE_KEYS=1 \ 58*74ac1efcSAhmed Azeem GENERATE_COT=1 \ 59*74ac1efcSAhmed Azeem TRUSTED_BOARD_BOOT=1 \ 60*74ac1efcSAhmed Azeem COT=tbbr \ 61*74ac1efcSAhmed Azeem ARM_ROTPK_LOCATION=devel_rsa \ 62*74ac1efcSAhmed Azeem ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \ 63*74ac1efcSAhmed Azeem BL32=<path to optee binary> \ 64*74ac1efcSAhmed Azeem SPD=spmd \ 65*74ac1efcSAhmed Azeem SPMD_SPM_AT_SEL2=0 \ 66*74ac1efcSAhmed Azeem BL33=<path to u-boot binary> \ 67*74ac1efcSAhmed Azeem 68*74ac1efcSAhmed Azeem*Copyright (c) 2024, Arm Limited. All rights reserved.* 69*74ac1efcSAhmed Azeem 70*74ac1efcSAhmed Azeem.. _Arm Toolchain: https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads 71*74ac1efcSAhmed Azeem.. _rd1ae: https://developer.arm.com/Tools%20and%20Software/Arm%20Reference%20Design-1%20AE 72*74ac1efcSAhmed Azeem.. _Trusted Board Boot (TBB): https://trustedfirmware-a.readthedocs.io/en/latest/design/trusted-board-boot.html 73