# Kconfig - ARM core configuration options # # Copyright (c) 2015 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # config CPU_CORTEX bool # Omit prompt to signify "hidden" option help This option signifies the use of a CPU of the Cortex family. config CPU_CORTEX_M bool # Omit prompt to signify "hidden" option select CPU_CORTEX select ARCH_HAS_CUSTOM_SWAP_TO_MAIN select HAS_CMSIS select HAS_FLASH_LOAD_OFFSET select ARCH_HAS_THREAD_ABORT select ARCH_HAS_TRUSTED_EXECUTION if ARM_TRUSTZONE_M select ARCH_HAS_STACK_PROTECTION if ARM_MPU || CPU_CORTEX_M_HAS_SPLIM select ARCH_HAS_USERSPACE if ARM_MPU select ARCH_HAS_NOCACHE_MEMORY_SUPPORT if ARM_MPU && CPU_HAS_ARM_MPU && CPU_CORTEX_M7 select ARCH_HAS_RAMFUNC_SUPPORT select SWAP_NONATOMIC help This option signifies the use of a CPU of the Cortex-M family. config BUILTIN_STACK_GUARD bool "Thread Stack Guards based on built-in ARM stack limit checking" depends on CPU_CORTEX_M_HAS_SPLIM select THREAD_STACK_INFO help Enable Thread/Interrupt Stack Guards via built-in Stack Pointer limit checking. The functionality must be supported by HW. config ARM_STACK_PROTECTION bool default y if HW_STACK_PROTECTION imply BUILTIN_STACK_GUARD if CPU_CORTEX_M_HAS_SPLIM select MPU_STACK_GUARD if (!BUILTIN_STACK_GUARD && ARM_MPU) help This option enables either: - The built-in Stack Pointer limit checking, or - the MPU-based stack guard to cause a system fatal error if the bounds of the current process stack are overflowed. The two stack guard options are mutually exclusive. The selection of the built-in Stack Pointer limit checking is prioritized over the MPU-based stack guard. The developer still has the option to manually select the MPU-based stack guard, if this is desired. config ARM_SECURE_FIRMWARE bool depends on ARMV8_M_SE default y if TRUSTED_EXECUTION_SECURE help This option indicates that we are building a Zephyr image that is intended to execute in Secure state. The option is only applicable to ARMv8-M MCUs that implement the Security Extension. This option enables Zephyr to include code that executes in Secure state, as well as to exclude code that is designed to execute only in Non-secure state. Code executing in Secure state has access to both the Secure and Non-Secure resources of the Cortex-M MCU. Code executing in Non-Secure state may trigger Secure Faults, if Secure MCU resources are accessed from the Non-Secure state. Secure Faults may only be handled by code executing in Secure state. config ARM_NONSECURE_FIRMWARE bool depends on !ARM_SECURE_FIRMWARE depends on ARMV8_M_SE default y if TRUSTED_EXECUTION_NONSECURE help This option indicates that we are building a Zephyr image that is intended to execute in Non-Secure state. Execution of this image is triggered by Secure firmware that executes in Secure state. The option is only applicable to ARMv8-M MCUs that implement the Security Extension. This option enables Zephyr to include code that executes in Non-Secure state only, as well as to exclude code that is designed to execute only in Secure state. Code executing in Non-Secure state has no access to Secure resources of the Cortex-M MCU, and, therefore, it shall avoid accessing them. menu "ARM TrustZone Options" depends on ARM_SECURE_FIRMWARE || ARM_NONSECURE_FIRMWARE comment "Secure firmware" depends on ARM_SECURE_FIRMWARE comment "Non-secure firmware" depends on !ARM_SECURE_FIRMWARE config ARM_SECURE_BUSFAULT_HARDFAULT_NMI bool "BusFault, HardFault, and NMI target Secure state" depends on ARM_SECURE_FIRMWARE help Force NMI, HardFault, and BusFault (in Mainline ARMv8-M) exceptions as Secure exceptions. config ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS bool "Secure Firmware has Secure Entry functions" depends on ARM_SECURE_FIRMWARE help Option indicates that ARM Secure Firmware contains Secure Entry functions that may be called from Non-Secure state. Secure Entry functions must be located in Non-Secure Callable memory regions. config ARM_NSC_REGION_BASE_ADDRESS hex "ARM Non-Secure Callable Region base address" depends on ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS default 0 help Start address of Non-Secure Callable section. Notes: - The default value (i.e. when the user does not configure the option explicitly) instructs the linker script to place the Non-Secure Callable section, automatically, inside the .text area. - Certain requirements/restrictions may apply regarding the size and the alignment of the starting address for a Non-Secure Callable section, depending on the available security attribution unit (SAU or IDAU) for a given SOC. config ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS bool "Non-Secure Firmware uses Secure Entry functions" depends on ARM_NONSECURE_FIRMWARE help Option indicates that ARM Non-Secure Firmware uses Secure Entry functions provided by the Secure Firmware. The Secure Firmware must be configured to provide these functions. config ARM_ENTRY_VENEERS_LIB_NAME string "Entry Veneers symbol file" depends on ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS \ || ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS default "libentryveneers.a" help Library file to find the symbol table for the entry veneers. The library will typically come from building the Secure Firmware that contains secure entry functions, and allows the Non-Secure Firmware to call into the Secure Firmware. endmenu menu "Architecture Floating Point Options" depends on CPU_HAS_FPU choice prompt "Floating point ABI" default FP_HARDABI depends on FLOAT config FP_HARDABI bool "Floating point Hard ABI" help This option selects the Floating point ABI in which hardware floating point instructions are generated and uses FPU-specific calling conventions config FP_SOFTABI bool "Floating point Soft ABI" help This option selects the Floating point ABI in which hardware floating point instructions are generated but soft-float calling conventions. endchoice endmenu source "arch/arm/core/cortex_m/Kconfig" source "arch/arm/core/cortex_m/mpu/Kconfig" source "arch/arm/core/cortex_m/tz/Kconfig"