boards: Enable TF-M by default for nordic SoC NS boards

Enable TF-M by default for nordic nRF5340 and nrf9160 SoC boards.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This commit is contained in:
Joakim Andersson 2022-05-05 12:04:26 +02:00 committed by Carles Cufí
commit 17fd1f8fba
7 changed files with 17 additions and 90 deletions

View file

@ -13,21 +13,6 @@ config BOARD
config I2C
default GPIO || DAC
# By default, if we build for a Non-Secure version of the board,
# enable building with TF-M as the Secure Execution Environment.
config BUILD_WITH_TFM
default y if BOARD_BL5340_DVK_CPUAPP_NS
if BUILD_WITH_TFM
# By default, if we build with TF-M, instruct build system to
# flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_FLASH_MERGED_BINARY
bool
default y
endif # BUILD_WITH_TFM
# Code Partition:
#
# For the secure version of the board the firmware is linked at the beginning

View file

@ -8,21 +8,6 @@ if BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF5340DK_NRF5340_CPUAPP_NS
config BOARD
default "nrf5340dk_nrf5340_cpuapp" if BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF5340DK_NRF5340_CPUAPP_NS
# By default, if we build for a Non-Secure version of the board,
# enable building with TF-M as the Secure Execution Environment.
config BUILD_WITH_TFM
default y if BOARD_NRF5340DK_NRF5340_CPUAPP_NS
if BUILD_WITH_TFM
# By default, if we build with TF-M, instruct build system to
# flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_FLASH_MERGED_BINARY
bool
default y
endif # BUILD_WITH_TFM
# Code Partition:
#
# For the secure version of the board the firmware is linked at the beginning

View file

@ -8,21 +8,6 @@ if BOARD_NRF9160DK_NRF9160 || BOARD_NRF9160DK_NRF9160_NS
config BOARD
default "nrf9160dk_nrf9160"
# By default, if we build for a Non-Secure version of the board,
# enable building with TF-M as the Secure Execution Environment.
config BUILD_WITH_TFM
default y if BOARD_NRF9160DK_NRF9160_NS
if BUILD_WITH_TFM
# By default, if we build with TF-M, instruct build system to
# flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_FLASH_MERGED_BINARY
bool
default y
endif # BUILD_WITH_TFM
# For the secure version of the board the firmware is linked at the beginning
# of the flash, or into the code-partition defined in DT if it is intended to
# be loaded by MCUboot. If the secure firmware is to be combined with a non-

View file

@ -8,21 +8,6 @@ if BOARD_NRF9161DK_NRF9161 || BOARD_NRF9161DK_NRF9161_NS
config BOARD
default "nrf9161dk_nrf9161"
# By default, if we build for a Non-Secure version of the board,
# enable building with TF-M as the Secure Execution Environment.
config BUILD_WITH_TFM
default y if BOARD_NRF9161DK_NRF9161_NS
if BUILD_WITH_TFM
# By default, if we build with TF-M, instruct build system to
# flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_FLASH_MERGED_BINARY
bool
default y
endif # BUILD_WITH_TFM
# For the secure version of the board the firmware is linked at the beginning
# of the flash, or into the code-partition defined in DT if it is intended to
# be loaded by MCUboot. If the secure firmware is to be combined with a non-

View file

@ -8,21 +8,6 @@ if BOARD_RAYTAC_MDBT53_DB_40_NRF5340_CPUAPP || BOARD_RAYTAC_MDBT53_DB_40_NRF534
config BOARD
default "raytac_mdbt53_db_40_nrf5340_cpuapp"
# By default, if we build for a Non-Secure version of the board,
# enable building with TF-M as the Secure Execution Environment.
config BUILD_WITH_TFM
default n if BOARD_RAYTAC_MDBT53_DB_40_NRF5340_CPUAPP_NS
if BUILD_WITH_TFM
# By default, if we build with TF-M, instruct build system to
# flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_FLASH_MERGED_BINARY
bool
default n
endif # BUILD_WITH_TFM
# Code Partition:
#
# For the secure version of the board the firmware is linked at the beginning

View file

@ -7,20 +7,6 @@ if BOARD_RAYTAC_MDBT53V_DB_40_NRF5340_CPUAPP || BOARD_RAYTAC_MDBT53V_DB_40_NRF5
config BOARD
default "raytac_mdbt53v_db_40_nrf5340_cpuapp" if BOARD_RAYTAC_MDBT53V_DB_40_NRF5340_CPUAPP || BOARD_RAYTAC_MDBT53V_DB_40_NRF5340_CPUAPP_NS
# By default, if we build for a Non-Secure version of the board,
# enable building with TF-M as the Secure Execution Environment.
config BUILD_WITH_TFM
default n if BOARD_BL5340_DVK_CPUAPP_NS
if BUILD_WITH_TFM
# By default, if we build with TF-M, instruct build system to
# flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_FLASH_MERGED_BINARY
bool
default n
endif # BUILD_WITH_TFM
# Code Partition:
#

View file

@ -25,13 +25,29 @@ config NRF_SOC_SECURE_SUPPORTED
For non-secure the functions must redirect to secure services exposed
by the secure firmware.
config BUILD_WITH_TFM
default y if TRUSTED_EXECUTION_NONSECURE
help
By default, if we build for a Non-Secure version of the board,
enable building with TF-M as the Secure Execution Environment.
if BUILD_WITH_TFM
config TFM_FLASH_MERGED_BINARY
default y
help
By default, if we build with TF-M, instruct build system to
flash the combined TF-M (Secure) & Zephyr (Non Secure) image
config TFM_LOG_LEVEL_SILENCE
default y if !$(dt_nodelabel_has_prop,uart1,pinctrl-names)
depends on BUILD_WITH_TFM
help
Disable TF-M secure output if the uart1 node has not assigned GPIO
pins using pinctrl.
endif # BUILD_WITH_TFM
config NRF_MPU_FLASH_REGION_SIZE
hex
default 0x1000