-
CONFIG_BUILD_WITH_TFM¶
Build with TF-M as the Secure Execution Environment
Type: bool
Help¶
When enabled, this option instructs the Zephyr build process to additionaly generate a TF-M image for the Secure Execution environment, along with the Zephyr image. The Zephyr image itself is to be executed in the Non-Secure Processing Environment. The required dependency on TRUSTED_EXECUTION_NONSECURE ensures that the Zephyr image is built as a Non-Secure image. Both TF-M and Zephyr images, as well as the veneer object file that links them, are generated during the normal Zephyr build process.
- Note:
Building with the “_nonsecure” BOARD variant (e.g. “mps2_an521_nonsecure”) ensures that CONFIG_TRUSTED_EXECUTION_NONSECURE ie enabled.
Direct dependencies¶
BOARD_NRF5340PDK_NRF5340_CPUAPP || BOARD_NRF5340PDK_NRF5340_CPUAPPNS || BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF5340DK_NRF5340_CPUAPPNS || (TRUSTED_EXECUTION_NONSECURE && TFM_BOARD != “” && ARM_TRUSTZONE_M)
(Includes any dependencies from ifs and menus.)
Default¶
Symbols implied by this symbol¶
Kconfig definitions¶
At boards/arm/nrf5340dk_nrf5340/Kconfig.defconfig:22
Included via Kconfig:8 → Kconfig.zephyr:18
Menu path: (Top)
config BUILD_WITH_TFM
bool
default y if BOARD_NRF5340DK_NRF5340_CPUAPPNS || BOARD_NRF5340PDK_NRF5340_CPUAPPNS
depends on BOARD_NRF5340PDK_NRF5340_CPUAPP || BOARD_NRF5340PDK_NRF5340_CPUAPPNS || BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF5340DK_NRF5340_CPUAPPNS
At modules/Kconfig.tfm:22
Included via Kconfig:8 → Kconfig.zephyr:23 → modules/Kconfig:32
Menu path: (Top) → Modules
menuconfig BUILD_WITH_TFM
bool "Build with TF-M as the Secure Execution Environment"
imply INIT_ARCH_HW_AT_BOOT
depends on TRUSTED_EXECUTION_NONSECURE && TFM_BOARD != "" && ARM_TRUSTZONE_M
help
When enabled, this option instructs the Zephyr build process to
additionaly generate a TF-M image for the Secure Execution
environment, along with the Zephyr image. The Zephyr image
itself is to be executed in the Non-Secure Processing Environment.
The required dependency on TRUSTED_EXECUTION_NONSECURE
ensures that the Zephyr image is built as a Non-Secure image. Both
TF-M and Zephyr images, as well as the veneer object file that links
them, are generated during the normal Zephyr build process.
Note:
Building with the "_nonsecure" BOARD variant (e.g.
"mps2_an521_nonsecure") ensures that
CONFIG_TRUSTED_EXECUTION_NONSECURE ie enabled.
(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)