-
CONFIG_BUILD_WITH_TFM
¶
Build with TF-M as the Secure Execution Environment
Type: bool
Help¶
When enabled, this option instructs the Zephyr build process to additionaly generate a TF-M image for the Secure Execution environment, along with the Zephyr image. The Zephyr image itself is to be executed in the Non-Secure Processing Environment. The required dependency on TRUSTED_EXECUTION_NONSECURE ensures that the Zephyr image is built as a Non-Secure image. Both TF-M and Zephyr images, as well as the veneer object file that links them, are generated during the normal Zephyr build process.
- Note:
Building with the “_nonsecure” BOARD variant (e.g. “mps2_an521_nonsecure”) ensures that CONFIG_TRUSTED_EXECUTION_NONSECURE ie enabled.
Defaults¶
No defaults. Implicitly defaults to n
.
Symbols selected by this symbol¶
Symbols implied by this symbol¶
Kconfig definitions¶
At <nRF>/subsys/partition_manager/Kconfig:107
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:9
→ <BuildDir>/Kconfig/Kconfig.modules:1
→ <nRF>/Kconfig.nrf:25
→ <nRF>/subsys/Kconfig:36
Menu path: (Top) → Modules → Nordic nRF Connect → Partition Manager
config BUILD_WITH_TFM
bool
select PM_SINGLE_IMAGE
At <Zephyr>/modules/Kconfig.tfm:21
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:10
→ <Zephyr>/modules/Kconfig:28
Menu path: (Top) → Modules
menuconfig BUILD_WITH_TFM bool "Build with TF-M as the Secure Execution Environment" selectCMSIS_RTOS_V2
implyPOLL
implyTHREAD_NAME
implyTHREAD_STACK_INFO
implyINIT_STACKS
implyTHREAD_MONITOR
depends onTRUSTED_EXECUTION_NONSECURE
&&TFM_BOARD
!= "" help When enabled, this option instructs the Zephyr build process to additionaly generate a TF-M image for the Secure Execution environment, along with the Zephyr image. The Zephyr image itself is to be executed in the Non-Secure Processing Environment. The required dependency on TRUSTED_EXECUTION_NONSECURE ensures that the Zephyr image is built as a Non-Secure image. Both TF-M and Zephyr images, as well as the veneer object file that links them, are generated during the normal Zephyr build process. Note: Building with the "_nonsecure" BOARD variant (e.g. "mps2_an521_nonsecure") ensures that CONFIG_TRUSTED_EXECUTION_NONSECURE ie enabled.
(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)