Hi Waqar Ali,

It is possible for a secure service to be preempted by a NS interrupt.
There are two main build options you may want to have a look at:
https://git.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m.git/+/refs/heads/main/config/config_base.h#338
https://git.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m.git/+/refs/heads/main/config/config_base.h#342
These two should give you enough control on how to manage the scenario you described, the latter in particular.

Generally, interrupt priorities in TF-M are configured in the platform's specific tfm_interrupts.c, while the MPU/SAU/IDAU is usually set in  target_cfg.c via tfm_hal_isolation_v8m.c (or equivalent).
https://git.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m.git/+/refs/heads/main/platform/ext/target/arm/mps2/an521/target_cfg.c#385

Hope that helps as a starting point.

Best regards
Nicola

From: Waqar Ali Tahir via TF-M <tf-m@lists.trustedfirmware.org>
Sent: 01 August 2025 16:08
To: tf-m@lists.trustedfirmware.org <tf-m@lists.trustedfirmware.org>
Cc: Ruchika Gupta <ruchika.gupta_1@nxp.com>
Subject: [TF-M] Clarification on IRQ Preemption of Secure User Context by Non-Secure Interrupts
 

Dear TF-M Community,

 

I have a question regarding a specific use case involving interrupt handling and domain preemption in a TrustZone-enabled system using TF-M.

In the scenario where the processor is executing within a Secure user context (e.g., during Secure Partition execution), is it possible for an interrupt assigned to the Non-Secure domain to pre-empt this Secure execution?

 

Any guidance on how TF-M manages interrupt priority and security attribution in this context would be greatly appreciated.

 

 

Best regards,

Waqar Ali

 

 

 

Waqar Ali Tahir

(He / Him / His)

Embedded SW Engineer

Phone: +433124 299160

Email: waqar.tahir@nxp.com

                                                                                                                                            

 

 

NXP Semiconductors Austria GmbH & Co KG | Mikronweg 1, 8101 Gratkorn | Austria |

Sitz: Gratkorn, Österreich | Firmenbuchgericht: Landesgericht für ZRS Graz | Firmenbuchnummer: FN 541474 k | VAT: ATU76231908

 

Unless otherwise recorded in a signed, written agreement, all sales transactions by NXP are exclusively subject to NXP’s Terms and Conditions of Commercial Sale (“NXP Terms”) published at: www.nxp.com/profile/terms/index.html. NXP explicitly rejects and disregards any terms and conditions of customer that add to, or differ from, NXP’s Terms irrespective of when customer raises its terms.  The information contained in this message is confidential. The message is intended solely for the addressee(s). If you are not the intended recipient, any use, dissemination, or reproduction is strictly prohibited and may be unlawful and you are asked to please contact the sender by return e-mail and destroy all copies of the original message.