Secure Partition Manager (SPM)
The Secure Partition Manager (SPM) provides functionality for the Trusted Execution Environment of the nRF9160 SiP and the nRF5340 SoC. As of nRF Connect SDK v2.1.0, the Secure Partition Manager is replaced by the Trusted Firmware-M (TF-M) and deprecated. It will be removed in a future release of the nRF Connect SDK.
See Running applications with Trusted Firmware-M for more information about the TF-M.
The Cortex-M33 CPU in the nRF9160 and nRF5340 devices implements ARM TrustZone. This allows the CPU to run firmware in Secure Processing Environment (SPE) and Non-Secure Processing Environment (NSPE) side by side.
The SPM runs as an SPE firmware. It configures the permissions and resources of the NSPE firmware and then boots it. Such separation of firmware is required to run NSPE applications.
The SPM also provides NSPE firmware with access to features that are normally only available to firmware in SPE. You can find the feature list on the Secure Services page.
If your application uses TF-M, SPM is not included in the build.
The SPM library is used in the Secure Partition Manager sample.
The Secure Partition Manager (SPM) uses the System Protection Unit (SPU) peripheral to set security attributions for the flash memory, the SRAM, and other peripherals. Security attributions are boolean Kconfig options that configure security settings like, for example, defining a peripheral as secure or non-secure. The SPU peripheral is the nRF version of an Implementation-Defined Security Attribution Unit (IDAU).
To configure SPM, do the following:
Use Kconfig to configure the security attributions for the peripherals.
Modify the source code of the SPM library to configure the security attributions of the SRAM.
Partition Manager must be used with SPM.
The security attributions of the flash memory regions are taken from the generated
For the SRAM and the peripherals, the following security attribution configuration is applied:
Lower 64 kB: Secure
Upper 192 kB: Non-Secure
In total, this makes 256 kB for the SRAM.
The following peripherals are configured as Non-Secure:
GPIO (and GPIO pins)
nRF9160 SiP specific peripherals:
nRF5340 SoC specific peripherals:
The SPM provides by default certain Secure Services to the NSPE firmware. See Secure Services for more information.
- group secure_partition_manager
Secure Partition Manager (SPM).
The Secure Partition Manager (SPM) provides functions for configuring the security attributes of flash, RAM, and peripherals.
Jump to non-secure partition.
This function extracts the VTOR_NS from DT_FLASH_AREA_IMAGE_0_NONSECURE_OFFSET_0 and configures the MSP accordingly before jumping to VTOR_NS.
Configure security attributes of flash, RAM, and peripherals.
This function reads the security attribute options set for peripherals in Kconfig. The RAM and flash partitioning is configured statically.
- void spm_jump(void)