nrf9160 with only non-secure partitions/code on a custom board

Question

I am in the early stages of development and would like to proceed with only non-secure partitions on the nrf9160. I'd like to not make use of TrustZone. 
 I notice all of the nrf9160 board definitions have secure and non-secure partitions set up. Is it possible to treat the nrf9160 as a non-secure-only platform and only have 3 basic partitions: bootloader (mcuboot), image 0, and image 1? Or will I always have to have some small secure partition stub? 
 My initial attempts to set up a non-secure-only custom board have resulted in some compiler issues, but I don't want to dig into them here. I'm happy to figure those out if someone can confirm that non-secure-only is possible. I also understand I may need other partitions for scratch space and persistent storage but those are outside the scope of this question. 
 Thanks!

helsing · Accepted Answer

Sorry for the delay. 
 TF-M minimal configuration will become more or less mandatory from our end. It is very small footprint and it only provides one service to the non-secure world(which is the ability to get RNG numbers out). If everything is to be placed in the same domain, then that would need to be the secure domain. Everything in the non-secure domain is not possible. In any case, modem_library can only be used from non-secure. 
 From the documentation : 
 The Modem library needs a region of RAM within the first lower 128KB to share with the modem. To be accessible by both the modem and the application, this region of RAM must be configured as non-secure by the secure application. 
 Please also have a look at the T-FM secure peripheral partion sample .

nrf9160 with only non-secure partitions/code on a custom board

Top Replies