TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / TF-M / trusted-firmware-m / refs/heads/feature-build-split-v2 / . / secure_fw / spm / Kconfig
blob: 4077c6318ccbbe6d3f794f2d74fe84bf5c2602cf [file] [log] [blame]
Jianliang Shen710cb952022-10-08 11:32:35 +0800[diff] [blame]1#-------------------------------------------------------------------------------
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]2# Copyright (c) 2022-2023, Arm Limited. All rights reserved.
Jianliang Shen710cb952022-10-08 11:32:35 +0800[diff] [blame]3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6#-------------------------------------------------------------------------------
7
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]8menu "SPM"
9config TFM_ISOLATION_LEVEL
10 int "Isolation level"
11 default 1
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]12 range 1 3 if PLATFORM_HAS_ISOLATION_L3_SUPPORT
13 range 1 2
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]14 help
15 SFN backend only supports level 1.
16 IPC backend can support all 3 levels.
17 Isolation level 3 requires platform support.
Jianliang Shen710cb952022-10-08 11:32:35 +0800[diff] [blame]18
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]19choice
20 prompt "SPM Backend"
Jianliang Shen710cb952022-10-08 11:32:35 +0800[diff] [blame]21
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]22 config CONFIG_TFM_SPM_BACKEND_SFN
23 bool "SFN Backend"
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]24 # Multi-core platform based on inter-core communication cannot fully work with SFN
25 # backend yet.
26 # TO-DO: Check whether it depends on TFM_PARTITION_NS_AGENT_MAILBOX or TFM_MULTI_CORE_TOPOLOGY
27 depends on !TFM_PARTITION_NS_AGENT_MAILBOX && TFM_ISOLATION_LEVEL = 1
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]28
29 config CONFIG_TFM_SPM_BACKEND_IPC
30 bool "IPC Backend"
Kevin Peng54e31d02023-01-06 18:03:19 +0800[diff] [blame]31 select CONFIG_TFM_PARTITION_META
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]32endchoice
33
34config CONFIG_TFM_SPM_BACKEND
35 string
36 default "IPC" if CONFIG_TFM_SPM_BACKEND_IPC
37 default "SFN" if CONFIG_TFM_SPM_BACKEND_SFN
38 default ""
39
40choice
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]41 prompt "FIH Profile"
42 default TFM_FIH_PROFILE_OFF
43 help
44 Fault injection hardening profile
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]45
46 config TFM_FIH_PROFILE_OFF
47 bool "OFF"
48
49 config TFM_FIH_PROFILE_LOW
50 bool "Low"
51
52 config TFM_FIH_PROFILE_MEDIUM
53 bool "Medium"
54
55 config TFM_FIH_PROFILE_HIGH
56 bool "High"
57endchoice
58
59config TFM_FIH_PROFILE
60 string
61 default "OFF" if TFM_FIH_PROFILE_OFF
62 default "LOW" if TFM_FIH_PROFILE_LOW
63 default "MEDIUM" if TFM_FIH_PROFILE_MEDIUM
64 default "HIGH" if TFM_FIH_PROFILE_HIGH
65
66config PSA_FRAMEWORK_HAS_MM_IOVEC
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]67 bool "MM-IOVEC"
Kevin Peng5cba61c2023-01-06 14:23:15 +0800[diff] [blame]68 default n
69 depends on TFM_ISOLATION_LEVEL = 1
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]70 help
71 Memory-mapped IOVECs feature, supported only for isolation level 1
72
73################################# Misc #########################################
74
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]75config TFM_EXCEPTION_INFO_DUMP
76 bool "Exception information dump"
77 default n
78 help
79 On fatal errors in the secure firmware, capture info about the
80 exception. Print the info if the "SPM Log Level" is sufficient.
81
82config CONFIG_TFM_HALT_ON_CORE_PANIC
83 bool "Halt instead of rebooting"
84 default n
85 help
86 On fatal errors in the secure firmware, halt instead of rebooting.
87 This would be helpful for debugging.
88
89config TFM_PXN_ENABLE
90 bool "PXN"
91 depends on ARCH_ARM_V81MM
92 default n
93 help
94 Privileged eXecute-Never.
95 Enables the PXN feature in common MPU driver and isolation setup.
96
97config CONFIG_TFM_STACK_WATERMARKS
98 bool "Stack Watermarks"
99 depends on TFM_ISOLATION_LEVEL != 3
100 help
101 Whether to pre-fill partition stacks with a set value to help
102 determine stack usage.
103 Not supported for isolation level 3 yet.
104
105config NUM_MAILBOX_QUEUE_SLOT
106 int "Number of mailbox queue slots"
107 depends on TFM_PARTITION_NS_AGENT_MAILBOX
108 default 1
109
110################################# SPM log level ################################
111
Kevin Pengc21b15a2023-04-11 15:35:09 +0800[diff] [blame]112choice SPM_LOG_LEVEL
Jianliang Shen1229c092023-02-20 14:06:08 +0800[diff] [blame]113 prompt "SPM Log Level"
114 default SPM_LOG_LEVEL_SILENCE
115
116 config SPM_LOG_LEVEL_DEBUG
117 bool "Debug"
118
119 config SPM_LOG_LEVEL_INFO
120 bool "Info"
121
122 config SPM_LOG_LEVEL_ERROR
123 bool "Error"
124
125 config SPM_LOG_LEVEL_SILENCE
126 bool "Silence"
127endchoice
128
129config TFM_SPM_LOG_LEVEL
130 int
131 default 3 if SPM_LOG_LEVEL_DEBUG
132 default 2 if SPM_LOG_LEVEL_INFO
133 default 1 if SPM_LOG_LEVEL_ERROR
134 default 0 if SPM_LOG_LEVEL_SILENCE
135
Jianliang Shen710cb952022-10-08 11:32:35 +0800[diff] [blame]136endmenu
Kevin Peng54e31d02023-01-06 18:03:19 +0800[diff] [blame]137
Jianliang Shen0de293f2023-02-20 15:09:02 +0800[diff] [blame]138config TFM_SPM_LOG_RAW_ENABLED
139 bool
140 default y if TFM_SPM_LOG_LEVEL != 0 || TFM_SP_LOG_RAW_ENABLED
141 default n
142
Kevin Peng54e31d02023-01-06 18:03:19 +0800[diff] [blame]143######################## Promptless (non-user) config options ##################
144########### Do NOT change the following config options anywhere! ###############
145config CONFIG_TFM_PARTITION_META
146 def_bool n
147
148config TFM_PARTITION_NS_AGENT_MAILBOX
149 bool
150 default y if TFM_MULTI_CORE_TOPOLOGY
151 default n
152
153config TFM_PARTITION_NS_AGENT_TZ
154 bool
155 default y if CONFIG_TFM_USE_TRUSTZONE
156 default n