-
CONFIG_ARM_SECURE_FIRMWARE
¶
(No prompt – not directly user assignable.)
Type: bool
Help¶
This option indicates that we are building a Zephyr image that is intended to execute in Secure state. The option is only applicable to ARMv8-M MCUs that implement the Security Extension.
This option enables Zephyr to include code that executes in Secure state, as well as to exclude code that is designed to execute only in Non-secure state.
Code executing in Secure state has access to both the Secure and Non-Secure resources of the Cortex-M MCU.
Code executing in Non-Secure state may trigger Secure Faults, if Secure MCU resources are accessed from the Non-Secure state. Secure Faults may only be handled by code executing in Secure state.
Default¶
Kconfig definition¶
At <Zephyr>/arch/arm/core/aarch32/Kconfig:176
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:29
→ <Zephyr>/arch/Kconfig:12
→ <Zephyr>/arch/arm/Kconfig:42
Menu path: (Top) → ARM Options
config ARM_SECURE_FIRMWARE bool default y ifTRUSTED_EXECUTION_SECURE
depends onARMV8_M_SE
&& !ARM64
&&ARM
help This option indicates that we are building a Zephyr image that is intended to execute in Secure state. The option is only applicable to ARMv8-M MCUs that implement the Security Extension. This option enables Zephyr to include code that executes in Secure state, as well as to exclude code that is designed to execute only in Non-secure state. Code executing in Secure state has access to both the Secure and Non-Secure resources of the Cortex-M MCU. Code executing in Non-Secure state may trigger Secure Faults, if Secure MCU resources are accessed from the Non-Secure state. Secure Faults may only be handled by code executing in Secure state.
(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)