3.1.2.10. U-Boot Falcon Mode
U-Boot’s falcon mode on AM62x bypasses the A-core SPL and U-Boot stage, which allows for booting straight to Linux kernel after OP-TEE and ATF.
Normal boot flow:
R5 SPL -> ATF -> OP-TEE -> Cortex-A SPL -> U-Boot -> Linux
With falcon mode:
R5 SPL -> ATF -> OP-TEE -> Linux
Falcon boot support is added by the ti-falcon
yocto override which can be
enabled before building the SDK as follows:
$ echo 'DISTROOVERRIDES:append = ":ti-falcon"' >> conf/local.conf
$ # build the SDK
$ MACHINE=<machine> bitbake -k tisdk-default-image
The following set of patches are also required since they are not part of the
11.01
SDK release:
3.1.2.10.1. Changes made by ti-falcon override:
3.1.2.10.1.1. ATF:
To meet the 2MiB alignment requirement for the Linux kernel’s load address,
the K3_HW_CONFIG_BASE
(kernel address) is modified to 0x82000000
and PRELOADED_BL33_BASE
(DTB address) is modified from the K3 default to
0x88000000
.
3.1.2.10.1.2. TI-SPL:
Falcon mode makes use of a cut down variant of the tispl binary called
tifalcon.bin
with the Cortex-A SPL and its corresponding device-tree
removed. This file is deployed to the boot directory inside the root filesystem
so it can be picked by the R5 SPL at boot time.
3.1.2.10.1.3. R5 SPL:
The R5 SPL loads the kernel fitImage
and tifalcon.bin
file. An
x509 certificate with TIFS keys verifies the fitImage
for falcon boot
instead of making use of signature nodes and keys present in the DT. This allows
for faster authentication since TIFS uses the security accelerator for
authentication, which is much faster than doing the same on R5 core.
This support is present alongside the standard R5 defconfig
when ti-falcon
is enabled due to U-Boot’s k3_r5_falcon.config
fragment. This updates
the R5 memory map at U-Boot SPL stage to the following:
0x80000000 +===============================+ Start of DDR
512KiB | ATF reserved memory space | CONFIG_K3_ATF_LOAD_ADDR
0x80080000 +-------------------------------+
31.5MiB | Unused |
0x82000000 +-------------------------------+ PRELOADED_BL33_BASE in ATF
| | CONFIG_SYS_LOAD_ADDR
57MiB | Kernel + initramfs Image | CONFIG_SPL_LOAD_FIT_ADDRESS
| |
0x85900000 +-------------------------------+
| |
| R5 U-Boot SPL Stack + Heap |
39MiB | (size defined by |
| SPL_STACK_R_MALLOC_SIMPLE_LEN)|
| |
0x88000000 +-------------------------------+ CONFIG_SPL_STACK_R_ADDR
| | K3_HW_CONFIG_BASE in ATF
16MiB | Kernel DTB | CONFIG_SPL_PAYLOAD_ARGS_ADDR
| |
0x89000000 +-------------------------------+
331MiB | Device Manager (DM) Load Addr |
0x9db00000 +-------------------------------+
12MiB | DM Reserved |
0x9e700000 +-------------------------------+
1MiB | Unused |
0x9e800000 +-------------------------------+ BL32_BASE in ATF
24MiB | OPTEE |
0xa0000000 +===============================+ End of DDR (512MiB)
3.1.2.10.1.4. fitImage:
The system produces the resulting fitImage
file in the boot directory
of the root filesystem. This file has its constituent binaries pre-signed with
x509 certificates. At boot time, TIFS authenticates this file, which allows for
a lower boot time compared to authenticating on the R5 core.
3.1.2.10.2. Extra Configuration
3.1.2.10.2.1. OSPI boot:
For OSPI boot, the tiboot3.bin
and tifalcon.bin
files should be
flashed to the same addresses in flash as regular boot flow but the
fitImage
is read from the root filesystem’s boot directory. The MMC
device is selected by the mmcdev
env variable for R5 SPL.
Below U-Boot commands can be used to download tiboot3.bin
and
tifalcon.bin
over tftp and then flash those to OSPI at their respective
addresses.
=> sf probe
=> tftp ${loadaddr} tiboot3.bin
=> sf update $loadaddr 0x0 $filesize
=> tftp ${loadaddr} tifalcon.bin
=> sf update $loadaddr 0x80000 $filesize
3.1.2.10.2.2. eMMC Boot:
In eMMC boot mode, the tiboot3.bin
file should be flashed to the
hardware boot partition whereas tifalcon.bin
and the fitImage
are read from the root filesystem inside UDA. Use the U-Boot commands below
to set the correct boot partition and write tiboot3.bin
to the correct
offset.
=> # Set boot0 as the boot partition
=> mmc partconf 0 1 1 1
=> mmc bootbus 0 2 0 0
=> # Flash tiboot3.bin to boot0
=> mmc dev 0 1
=> fatload mmc 1 ${loadaddr} tiboot3.bin
=> mmc write ${loadaddr} 0x0 0x400
For more information check: How to flash eMMC and boot with eMMC Boot.
3.1.2.10.2.3. Custom fitImage creation:
Clone the core-secdev-k3 source:
$ git clone https://git.ti.com/cgit/security-development-tools/core-secdev-k3
Copy the required kernel image renamed to Image
and the device-tree
renamed to falcon.dtb
inside the core-secdev-k3 source directory.
Copy the following contents to a file named fitImage.its
inside
core-secdev-k3 source:
/dts-v1/;
/ {
description = "Kernel fitImage for falcon mode";
#address-cells = <1>;
images {
kernel-1 {
description = "Linux kernel";
data = /incbin/("Image.sec");
type = "kernel";
arch = "arm64";
os = "linux";
compression = "none";
load = <0x82000000>;
entry = <0x82000000>;
};
falcon.dtb {
description = "Flattened Device Tree blob";
data = /incbin/("falcon.dtb.sec");
type = "flat_dt";
arch = "arm64";
compression = "none";
load = <0x88000000>;
entry = <0x88000000>;
};
};
configurations {
default = "conf-falcon";
conf-falcon {
description = "Presigned Linux kernel and DTB";
kernel = "kernel-1";
fdt = "falcon.dtb";
};
};
};
Sign the kernel and device-tree with secure-binary-image.sh
and create the
fitImage
by using mkimage
:
$ # inside core-secdev-k3 source
$ ./scripts/secure-binary-image.sh Image Image.sec
$ ./scripts/secure-binary-image.sh falcon.dtb falcon.dtb.sec
$ mkimage -f fitImage.its fitImage
3.1.2.10.3. Non-Yocto Users:
Following are the steps to build tiboot3.bin
, tifalcon.bin
and the
fitImage
required for falcon mode:
For ATF build, use the following arguments to update the ATF’s jump address for the kernel and the device-tree:
PRELOADED_BL33_BASE=0x82000000 K3_HW_CONFIG_BASE=0x88000000
.For R5 U-Boot build, use the
k3_r5_falcon.config
fragment to enable flacon support at the R5 SPL stage.Refer to the fitImage creation step above for preparing a bootable
fitImage
with an appropriate kernel and device-tree.Copy the files generated to correct path on SD/eMMC as in the table below:
File
Destination path on SD/eMMC
Partition
Description
tiboot3.bin
/tiboot3.bin
boot (fat)
R5 SPL with falcon support
tifalcon.bin
/boot/tifalcon.bin
root filesystem (ext4)
tispl binary without SPL for the A core and device-tree
fitImage
/boot/fitImage
root filesystem (ext4)
fitImage
with pre-signed kernel and device-tree
Note
The tifalcon.bin
binary is generated by default for all falcon
supported platforms at the A-Core U-Boot build step and can be found
alongside the existing tispl.bin
file in U-Boot build’s output directory.
3.1.2.10.4. Boot time comparisons:
Removing A-core SPL and U-Boot from the boot process leads to ~60% reduction in time to kernel. Saving about 1-2 seconds during boot depending on the platform.

Fig. 3.2 Falcon Mode (Left) vs Regular Boot (Right)