Secure Partition Manager (SPM)¶
The Secure Partition Manager (SPM) provides functionality for the Trusted Execution Environment of the nRF9160 and the nRF5340.
Overview¶
The Cortex-M33 CPU in the nRF9160 and nRF5340 devices implements ARM TrustZone, which means it can run a “secure” and a “non-secure” app side by side. The SPM, being the secure app, is responsible for configuring the permissions and resources of the non-secure app and then booting it. Such configuration is required to run non-secure apps. The SPM also provides the non-secure app with access to features (Secure Services) that are normally only available to secure apps.
Note
If your application is using TF-M, SPM is not included in the build.
The SPM library is used in the Secure Partition Manager sample.
Configuration¶
The Secure Partition Manager (SPM) uses the SPU peripheral to configure security attributions for the flash, SRAM, and peripherals. Note that the SPU peripheral is the nRF version of an IDAU (Implementation-Defined Security Attribution Unit).
Use Kconfig to configure the security attributions for the peripherals.
Modify the source code of the SPM subsystem to configure the security attributions of SRAM.
If Partition Manager is used, the security attributions of the flash regions are deduced from the generated file pm.config
.
Otherwise, the security attributions of the flash regions are deduced from devicetree information.
For SRAM and peripherals, the following security attribution configuration is applied:
- SRAM (256 kB)
Lower 64 kB: Secure
Upper 192 kB: Non-Secure
- Peripherals configured as Non-Secure
CLOCK
DPPI
EGU1, EGU2
FPU
GPIO (and GPIO pins)
GPIOTE1
IPC
NFCT
NVMC, VMC
PWM0-3
REGULATORS
RTC0, RTC1
SAADC
SPIM3
TIMER0-2
TWIM2
UARTE0, UARTE1
WDT
Secure Services¶
The SPM by default provides certain Secure Services to the Non-Secure Firmware. See Secure Services for more information.
API documentation¶
include/spm.h
subsys/spm/
-
group
secure_partition_manager
Secure Partition Manager (SPM).
The Secure Partition Manager (SPM) provides functions for configuring the security attributes of flash, RAM, and peripherals.
Functions
-
void
spm_jump
(void)¶ Jump to non-secure partition.
This function extracts the VTOR_NS from DT_FLASH_AREA_IMAGE_0_NONSECURE_OFFSET_0 and configures the MSP accordingly before jumping to VTOR_NS[1].
-
void
spm_config
(void)¶ Configure security attributes of flash, RAM, and peripherals.
This function reads the security attribute options set for peripherals in Kconfig. The RAM and flash partitioning is configured statically.
-
void