CONFIG_ARM_SECURE_FIRMWARE

(No prompt – not directly user assignable.)

Type: bool

Help

This option indicates that we are building a Zephyr image that is intended to execute in Secure state. The option is only applicable to ARMv8-M MCUs that implement the Security Extension.

This option enables Zephyr to include code that executes in Secure state, as well as to exclude code that is designed to execute only in Non-secure state.

Code executing in Secure state has access to both the Secure and Non-Secure resources of the Cortex-M MCU.

Code executing in Non-Secure state may trigger Secure Faults, if Secure MCU resources are accessed from the Non-Secure state. Secure Faults may only be handled by code executing in Secure state.

Direct dependencies

ARMV8_M_SE && !ARM64 && ARM

(Includes any dependencies from ifs and menus.)

Default

• y if TRUSTED_EXECUTION_SECURE

Kconfig definition

At <Zephyr>/arch/arm/core/aarch32/Kconfig:176

Included via <Zephyr>/Kconfig:8 → <Zephyr>/Kconfig.zephyr:29 → <Zephyr>/arch/Kconfig:12 → <Zephyr>/arch/arm/Kconfig:42

Menu path: (Top) → ARM Options

config ARM_SECURE_FIRMWARE
    bool
    default y if TRUSTED_EXECUTION_SECURE
    depends on ARMV8_M_SE && !ARM64 && ARM
    help
      This option indicates that we are building a Zephyr image that
      is intended to execute in Secure state. The option is only
      applicable to ARMv8-M MCUs that implement the Security Extension.

      This option enables Zephyr to include code that executes in
      Secure state, as well as to exclude code that is designed to
      execute only in Non-secure state.

      Code executing in Secure state has access to both the Secure
      and Non-Secure resources of the Cortex-M MCU.

      Code executing in Non-Secure state may trigger Secure Faults,
      if Secure MCU resources are accessed from the Non-Secure state.
      Secure Faults may only be handled by code executing in Secure
      state.

(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)