In order to do this, I modified the EEPROM bootloader bootloader according to the instructions in the Raspberry Pi documentation. That page is also on GitHub which might be a more stable location. On Raspbian on the RPi:

fw=/lib/firmware/raspberrypi/bootloader/stable/pieeprom-2020-09-03.bin
rpi-eeprom-config $fw > ~/bootconf.txt
vi ~/bootconf.txt
rpi-eeprom-config --out ~/pieeprom-new.bin --config ~/bootconf.txt $fw
sudo rpi-eeprom-update -d -f ~/pieeprom-new.bin
sudo reboot

My updated bootconf.txt is:

[all]
BOOT_UART=1
WAKE_ON_GPIO=0
POWER_OFF_ON_HALT=0
DHCP_TIMEOUT=45000
DHCP_REQ_TIMEOUT=4000
TFTP_FILE_TIMEOUT=30000
ENABLE_SELF_UPDATE=1
DISABLE_HDMI=0
BOOT_ORDER=0xf412

I enabled UART debugging, and set the boot order to be: network 0x2, SD card 0x1, USB mass storage 0x4, and finally reboot 0xf. These steps need to be repeated if the bootloader is updated via apt.

I enabled the TFTP server on my Mac:

sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist
sudo launchctl enable System/com.apple.tftpd
sudo launchctl start com.apple.tftpd

I’m not sure if the enable command is actually necessary. This doesn’t actually start the tftpd daemon. Instead, macOS starts the daemon on demand when it notices an incoming tftp request on the network. Don’t be alarmed!

The tftp server looks for files to serve out of /private/tftpboot, and those things need to be world rwx, i.e. 777. By default (this is configurable) the RPi queries for a directory named by its serial number.

mkdir /private/tftpboot/$raspberry_pi_serial
chmod 777 /private/tftpboot
chmod -R 777 /private/tftpboot/*

RPi looks for files of various names in that directory, one in particular by the name of start.elf.

Next, I had to update my Ubiquiti router’s DHCP server configuration (on the command line) to pass a tftp-server parameter in the DHCP payload. This step may be optional because you can also set TFTP_IP in the bootconf.txt above to specify the IP directly. On my router:

configure
set service dhcp-server shared-network-name LAN subnet $lan_cidr_subnet tftp-server-name $ip_of_mac
commit
save
exit

I also gave my Mac a static IP, and renewed the DHCP lease so it took the new IP to make the whole process a little more smooth. Now, it appears the RPi will attempt a TFTP boot, and I see queries in the logs on my Mac.

Further Reading