PSA protected storage: Add encrypt & RB protect flags by default to set.

pull/10746/head
David Saada 2019-06-03 16:32:55 +03:00
parent f18e3364e9
commit dcd2c292af
4 changed files with 24 additions and 13 deletions

View File

@ -185,12 +185,8 @@ static void generate_fn(char *tdb_filename, uint32_t tdb_filename_size, psa_stor
psa_status_t psa_storage_set_impl(KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, psa_status_t psa_storage_set_impl(KVStore *kvstore, int32_t pid, psa_storage_uid_t uid,
uint32_t data_length, const void *p_data, uint32_t data_length, const void *p_data,
psa_storage_create_flags_t create_flags) uint32_t kv_create_flags)
{ {
if ((create_flags & (~FLAGS_MSK)) != 0) {
return PSA_ERROR_NOT_SUPPORTED;
}
if (uid == 0) { if (uid == 0) {
return PSA_ERROR_INVALID_ARGUMENT; return PSA_ERROR_INVALID_ARGUMENT;
} }
@ -198,11 +194,6 @@ psa_status_t psa_storage_set_impl(KVStore *kvstore, int32_t pid, psa_storage_uid
char kv_key[PSA_STORAGE_FILE_NAME_MAX] = {'\0'}; char kv_key[PSA_STORAGE_FILE_NAME_MAX] = {'\0'};
generate_fn(kv_key, PSA_STORAGE_FILE_NAME_MAX, uid, pid); generate_fn(kv_key, PSA_STORAGE_FILE_NAME_MAX, uid, pid);
uint32_t kv_create_flags = 0;
if (create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
kv_create_flags = KVStore::WRITE_ONCE_FLAG;
}
int status = kvstore->set(kv_key, p_data, data_length, kv_create_flags); int status = kvstore->set(kv_key, p_data, data_length, kv_create_flags);
return convert_status(status); return convert_status(status);

View File

@ -36,7 +36,7 @@ typedef psa_status_t (*migrate_func_t)(mbed::KVStore *kvstore, const psa_storage
void psa_storage_handle_version(mbed::KVStore *kvstore, const char *version_key, const psa_storage_version_t *version, void psa_storage_handle_version(mbed::KVStore *kvstore, const char *version_key, const psa_storage_version_t *version,
migrate_func_t migrate_func); migrate_func_t migrate_func);
psa_status_t psa_storage_set_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, uint32_t data_length, const void *p_data, psa_storage_create_flags_t create_flags); psa_status_t psa_storage_set_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, uint32_t data_length, const void *p_data, uint32_t kv_create_flags);
psa_status_t psa_storage_get_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data); psa_status_t psa_storage_get_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data);
psa_status_t psa_storage_get_info_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, struct psa_storage_info_t *p_info); psa_status_t psa_storage_get_info_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid, struct psa_storage_info_t *p_info);
psa_status_t psa_storage_remove_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid); psa_status_t psa_storage_remove_impl(mbed::KVStore *kvstore, int32_t pid, psa_storage_uid_t uid);

View File

@ -87,6 +87,10 @@ psa_status_t psa_its_set_impl(int32_t pid, psa_storage_uid_t uid, uint32_t data_
its_init(); its_init();
} }
if (create_flags & ~PSA_STORAGE_FLAG_WRITE_ONCE) {
return PSA_ERROR_NOT_SUPPORTED;
}
return psa_storage_set_impl(kvstore, pid, uid, data_length, p_data, create_flags); return psa_storage_set_impl(kvstore, pid, uid, data_length, p_data, create_flags);
} }

View File

@ -39,6 +39,7 @@ extern "C"
#define PSA_PS_GLOBAL_PID 1 #define PSA_PS_GLOBAL_PID 1
static KVStore *kvstore = NULL; static KVStore *kvstore = NULL;
static uint32_t def_kvstore_flags = 0;
MBED_WEAK psa_status_t ps_version_migrate(KVStore *kvstore, MBED_WEAK psa_status_t ps_version_migrate(KVStore *kvstore,
const psa_storage_version_t *old_version, const psa_storage_version_t *new_version) const psa_storage_version_t *old_version, const psa_storage_version_t *new_version)
@ -61,12 +62,18 @@ static void ps_init(void)
KVMap &kv_map = KVMap::get_instance(); KVMap &kv_map = KVMap::get_instance();
psa_storage_version_t version = {PSA_PS_API_VERSION_MAJOR, PSA_PS_API_VERSION_MINOR}; psa_storage_version_t version = {PSA_PS_API_VERSION_MAJOR, PSA_PS_API_VERSION_MINOR};
kvstore = kv_map.get_main_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV)); kvstore = kv_map.get_main_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));
if (!kvstore) { KVStore *int_kvstore = kv_map.get_internal_kv_instance(STR_EXPAND(MBED_CONF_STORAGE_DEFAULT_KV));;
if (!kvstore || !int_kvstore) {
// Can only happen due to system misconfiguration. // Can only happen due to system misconfiguration.
// Thus considered as unrecoverable error for runtime. // Thus considered as unrecoverable error for runtime.
error("Failed getting kvstore instance\n"); error("Failed getting kvstore instance\n");
} }
def_kvstore_flags = 0;
if (kvstore != int_kvstore) {
def_kvstore_flags = KVStore::REQUIRE_CONFIDENTIALITY_FLAG | KVStore::REQUIRE_REPLAY_PROTECTION_FLAG;
}
psa_storage_handle_version(kvstore, PS_VERSION_KEY, &version, ps_version_migrate); psa_storage_handle_version(kvstore, PS_VERSION_KEY, &version, ps_version_migrate);
} }
@ -83,7 +90,16 @@ psa_status_t psa_ps_set(psa_storage_uid_t uid, uint32_t data_length, const void
ps_init(); ps_init();
} }
return psa_storage_set_impl(kvstore, PSA_PS_GLOBAL_PID, uid, data_length, p_data, create_flags); if (create_flags & ~PSA_STORAGE_FLAG_WRITE_ONCE) {
return PSA_ERROR_NOT_SUPPORTED;
}
uint32_t kv_create_flags = def_kvstore_flags;
if (create_flags & PSA_STORAGE_FLAG_WRITE_ONCE) {
kv_create_flags |= KVStore::WRITE_ONCE_FLAG;
}
return psa_storage_set_impl(kvstore, PSA_PS_GLOBAL_PID, uid, data_length, p_data, kv_create_flags);
} }
psa_status_t psa_ps_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data) psa_status_t psa_ps_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data)