DRIVE AGX Boot Flow

Note

NVIDIA Drive OS bootloader maintain root for trust while loading binaries in boot chain till root fs images. All boot binaries are authenticated and decrypted with OEM keys.

The PSC processor act as key custodian for OEM keys and provides security services such as authentication and decryption to BPMP Boot ROM and MB1.

Upon power-up of the device, the boot flow sequence of events is as follows:

After Power Good enabled to Tegra, and Tegra reset desasserted, BPMP and PSC processors start executing ROM code.

• BPMP R5 executes BPMP_BootROM → MB1 → BPMP-FW.

• PSC RISCV executes PSC_ROM → PSCBL1 → PSC-FW.

• MB1 loads and starts a few other clusters as well, like HPSE, SB, and CCPLEX.

• HPSE RISCV executes HPSE ROM → HPSE-BL → HPSE-FW.

• SB RISCV executes SB ROM → SB-BL → SB-FW.

• CCPLEX starts executing MB2 Bootloader → ATF and then secure and non-secure world binaries.

• Boot ROM
• Microboot 1 and PSC-BL1
• Microboot 2
• Authentication and Validation of Binaries
  • Dual Authentication of Firmware
  • Recovery Support
  • SecureOS
  • Hypervisor-based Flow
  • Virtual Machine
  • Partition Loader
• Grouping of Boot Images
• Grouping a Secure Boot Chain