xref: /rk3399_ARM-atf/docs/plat/arm/automotive_rd/rdaspen.rst (revision 4286d16f0fc3b0b97acb9900726658c1a6968f8c) 
1RD-Aspen (Zena CSS) Platform
2============================
3
4The RD-Aspen platform, as referenced in TF-A, includes the following features:
5
6* Primary Compute with four processor clusters, each containing:
7
8  * Four Cortex-A720AE cores (Armv9.2-A application processor, 64-bit mode)
9  * A DynamIQ Shared Unit (DSU-120AE)
10
11* A GIC-720AE, which is GICv4-compatible and supports GICv3 mode as well.
12
13Further information on RD-Aspen is available at `Zena CSS`_
14
15Boot Sequence
16-------------
17
18The boot process begins with the Runtime Security Engine (RSE), which loads the
19Application Processor (AP) BL2 image into the Trusted SRAM at a fixed address.
20Once loaded, the RSE signals the System Control Processor firmware (SCP-firmware)
21running on Safety Island Cluster 0 (SI CL0) to initiate the AP power-up sequence.
22
23The SCP-firmware then sets the reset vector base address (RVBAR) for the AP, ensuring
24it starts executing BL2 from the designated address. Following this, the SCP-firmware
25powers on AP Cluster 0, allowing the AP to run AP BL2.
26
27The following tasks are executed for each AP BL stage:
28
291. AP BL2:
30
31   * Performs the actions described in the `Trusted Board Boot (TBB)`_ document.
32   * (Optional step) Find the FIP image in a GPT partition, incase the FIP lies
33     within in a GPT image.
34   * Copies the FW_CONFIG from Secure Flash to Trusted SRAM.
35   * (Optional step) Computes FW_CONFIG image measurement and invokes extend
36     operation of TF-M Measured Boot secure partition.
37   * Completes its dynamic configuration from the FW_CONFIG loaded.
38     This includes:
39
40      * Parsing the configuration data.
41      * Setting up the required system parameters.
42
43   * Reads and loads AP BL31 image into the Trusted SRAM.
44   * (Optional step) Computes AP BL31 image measurement and invokes extend operation of TF-M
45     Measured Boot secure partition
46   * Copies the HW_CONFIG from Secure Flash to DRAM.
47   * (Optional step) Computes HW_CONFIG (DTB) image measurement and invokes
48     extend operation of TF-M Measured Boot secure partition.
49   * (If present) Reads and loads AP BL32 (Secure Payload) image into Secure DRAM
50   * (Optional step, if present) Computes AP BL32 image measurement and invokes extend
51      operation of TF-M Measured Boot secure partition
52   * (If present) Reads and loads the SPMC manifest (for S-EL2 firmware configuration)
53     into Trusted SRAM and passes its location to BL31.
54   * Copies AP BL33 and Device tree blob from Secure Flash to Normal DRAM.
55   * (Optional step) Computes AP BL33 image measurement and invokes extend operation of TF-M
56     Measured Boot secure partition
57   * Transfers the execution to AP BL31.
58
592. AP BL31:
60
61   * Initializes Trusted Firmware-A Services.
62   * Transfers the execution to AP BL32 and then transfers the execution to AP BL33
63
643. AP BL32:
65
66   * Initializes Trusted OS (OP-TEE) environment
67   * Initializes Secure Partitions
68   * Transfers the execution back to AP BL31
69   * During runtime, it facilitates secure communication between the
70     normal world environment (e.g. Linux) and the Trusted Execution Environment.
71
72Build Procedure (TF-A only)
73---------------------------
74
75-  Ensure all `Prerequisites`_  are met, and the ``CROSS_COMPILE`` environment
76   variable is properly set.
77
78-  Build TF-A:
79
80
81   .. code:: shell
82
83      make \
84      PLAT=rdaspen \
85      MBEDTLS_DIR=<mbedtls_dir> \
86      CREATE_KEYS=1 \
87      GENERATE_COT=1 \
88      TRUSTED_BOARD_BOOT=1 \
89      COT=tbbr \
90      ARM_ROTPK_LOCATION=devel_rsa \
91      ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
92      BL32=<path to optee binary> \
93      ARM_GPT_SUPPORT=1 \
94      BL33=<PATH-TO-BL33-BINARY> \
95      MEASURED_BOOT=1 \
96
97.. note::
98
99   The ``BL32`` flag is optional and should be set only if a Trusted OS is required.
100   If it is not set, then ``BL33`` will be loaded directly after ``BL31``.
101
102   The ``ARM_GPT_SUPPORT`` flag is also optional. It must be enabled when the
103   FIP image resides inside a GPT partition on Secure Flash.
104
105   The ``MEASURED_BOOT`` flag is also optional. It must be enabled in order to
106   enable measurement of FW images and data.
107
108--------------
109
110*Copyright (c) 2025, Arm Limited. All rights reserved.*
111
112.. _Prerequisites:  https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/prerequisites.html
113.. _Trusted Board Boot (TBB): https://trustedfirmware-a.readthedocs.io/en/latest/design/trusted-board-boot.html
114.. _Zena CSS: https://www.arm.com/products/automotive/compute-subsystems/zena
115