CONFIG_TRUSTED_EXECUTION_SECURE

Trusted Execution: Secure firmware image

Type: bool

Help

Select this option to enable building a Secure firmware image for a platform that supports Trusted Execution. A Secure firmware image will execute in Secure state. It may allow the CPU to execute in Non-Secure (Normal) state. Therefore, a Secure firmware image shall be able to configure security attributions of CPU resources (memory areas, peripherals, interrupts, etc.) as well as to handle faults, related to security violations. It may optionally allow certain functions to be called from the Non-Secure (Normal) domain.

Direct dependencies

ARCH_HAS_TRUSTED_EXECUTION

(Includes any dependencies from ifs and menus.)

Defaults

No defaults. Implicitly defaults to n.

Symbols that select this symbol

• IS_SPM

Kconfig definition

At <Zephyr>/arch/Kconfig:188

Included via <Zephyr>/Kconfig:8 → <Zephyr>/Kconfig.zephyr:29

Menu path: (Top) → General Architecture Options

config TRUSTED_EXECUTION_SECURE
    bool "Trusted Execution: Secure firmware image"
    depends on ARCH_HAS_TRUSTED_EXECUTION
    help
      Select this option to enable building a Secure firmware
      image for a platform that supports Trusted Execution. A
      Secure firmware image will execute in Secure state. It may
      allow the CPU to execute in Non-Secure (Normal) state.
      Therefore, a Secure firmware image shall be able to
      configure security attributions of CPU resources (memory
      areas, peripherals, interrupts, etc.) as well as to handle
      faults, related to security violations. It may optionally
      allow certain functions to be called from the Non-Secure
      (Normal) domain.

(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)