TF-M Reference Manual  1.2.0
TrustedFirmware-M
tfm_protected_storage.c
1 /*
2  * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
9 #include "ps_object_system.h"
10 #include "tfm_ps_defs.h"
11 
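/*
 * Initialise the Protected Storage (PS) service.
 *
 * Calls ps_system_prepare() and returns its status. When the build defines
 * PS_CREATE_FLASH_LAYOUT, a failed prepare is followed by
 * ps_system_wipe_all() and one further ps_system_prepare() attempt.
 *
 * Returns PSA_SUCCESS on success, otherwise the status reported by
 * ps_system_wipe_all() or by the last ps_system_prepare() call.
 */
psa_status_t tfm_ps_init(void)
{
    psa_status_t err;

    err = ps_system_prepare();
#ifdef PS_CREATE_FLASH_LAYOUT
    /* If PS_CREATE_FLASH_LAYOUT is set, it indicates that it is required to
     * create a PS flash layout. PS service will generate an empty and valid
     * PS flash layout to store assets. It will erase all data located in the
     * assigned PS memory area before generating the PS layout.
     * This flag is required to be set if the PS memory area is located in
     * non-persistent memory.
     * This flag can be set if the PS memory area is located in persistent
     * memory without a previous valid PS flash layout in it. That is the case
     * when it is the first time in the device life that the PS service is
     * executed.
     *
     * NOTE(review): the wipe below runs on ANY non-success status from
     * ps_system_prepare(), not only when no layout exists yet. On a device
     * with persistent storage this presumably means a corrupted or
     * modified PS area is erased and replaced with an empty layout instead
     * of the failure being reported to the caller - confirm that this is
     * acceptable before enabling the flag in a production build.
     */
    if (err != PSA_SUCCESS) {
        /* Remove all data in the PS memory area and create a valid PS flash
         * layout in that area.
         */
        err = ps_system_wipe_all();
        if (err != PSA_SUCCESS) {
            return err;
        }

        /* Attempt to initialise again */
        err = ps_system_prepare();
    }
#endif /* PS_CREATE_FLASH_LAYOUT */

    return err;
}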
45 
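/*
 * Create a new asset or modify an existing one.
 *
 * client_id     Identifier of the client the asset belongs to; forwarded
 *               unchanged to ps_object_create().
 * uid           Identifier of the asset; TFM_PS_INVALID_UID is rejected.
 * data_length   Size of the asset data, forwarded to ps_object_create().
 * create_flags  Creation flags; only PSA_STORAGE_FLAG_WRITE_ONCE,
 *               PSA_STORAGE_FLAG_NO_CONFIDENTIALITY and
 *               PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION are accepted.
 *
 * Returns PSA_ERROR_INVALID_ARGUMENT for an invalid UID,
 * PSA_ERROR_NOT_SUPPORTED when an unknown flag bit is set, otherwise the
 * status of ps_object_create().
 *
 * NOTE(review): client_id is used as given and data_length is not bounded
 * here. This assumes the caller derives client_id from a trusted source
 * and that ps_object_create() enforces the size limit - TODO confirm.
 */
psa_status_t tfm_ps_set(int32_t client_id,
                        psa_storage_uid_t uid,
                        uint32_t data_length,
                        psa_storage_create_flags_t create_flags)
{
    /* Check that the UID is valid */
    if (uid == TFM_PS_INVALID_UID) {
        return PSA_ERROR_INVALID_ARGUMENT;
    }

    /* Check that the create_flags does not contain any unsupported flags.
     * The mask is an allow-list: any bit outside the three known flags
     * causes the request to be refused.
     */
    if (create_flags & ~(PSA_STORAGE_FLAG_WRITE_ONCE |
                         PSA_STORAGE_FLAG_NO_CONFIDENTIALITY |
                         PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION)) {
        return PSA_ERROR_NOT_SUPPORTED;
    }

    /* Create the object in the object system */
    return ps_object_create(uid, client_id, create_flags, data_length);
}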
66 
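/*
 * Read asset data for the given UID.
 *
 * client_id      Identifier of the requesting client; forwarded unchanged
 *                to ps_object_read().
 * uid            Identifier of the asset; TFM_PS_INVALID_UID is rejected.
 * data_offset    Offset within the asset at which the read starts.
 * data_size      Number of bytes requested.
 * p_data_length  Output pointer forwarded to ps_object_read().
 *
 * Returns PSA_ERROR_INVALID_ARGUMENT for an invalid UID, otherwise the
 * status of ps_object_read().
 *
 * NOTE(review): data_offset, data_size and p_data_length are passed on
 * without any range or NULL check in this function. This assumes the
 * caller or ps_object_read() validates them - TODO confirm.
 */
psa_status_t tfm_ps_get(int32_t client_id,
                        psa_storage_uid_t uid,
                        uint32_t data_offset,
                        uint32_t data_size,
                        size_t *p_data_length)
{
    /* Check that the UID is valid */
    if (uid == TFM_PS_INVALID_UID) {
        return PSA_ERROR_INVALID_ARGUMENT;
    }

    /* Read the object data from the object system */
    return ps_object_read(uid, client_id, data_offset, data_size,
                          p_data_length);
}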
82 
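/*
 * Get the metadata of the asset with the given UID.
 *
 * client_id  Identifier of the requesting client; forwarded unchanged to
 *            ps_object_get_info().
 * uid        Identifier of the asset; TFM_PS_INVALID_UID is rejected.
 * p_info     Output structure forwarded to ps_object_get_info().
 *
 * Returns PSA_ERROR_INVALID_ARGUMENT for an invalid UID, otherwise the
 * status of ps_object_get_info().
 *
 * NOTE(review): p_info is not checked for NULL here; presumably the caller
 * or ps_object_get_info() does so - TODO confirm.
 */
psa_status_t tfm_ps_get_info(int32_t client_id, psa_storage_uid_t uid,
                             struct psa_storage_info_t *p_info)
{
    /* Check that the UID is valid */
    if (uid == TFM_PS_INVALID_UID) {
        return PSA_ERROR_INVALID_ARGUMENT;
    }

    /* Get the info struct data from the object system */
    return ps_object_get_info(uid, client_id, p_info);
}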
94 
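/*
 * Remove the asset with the given UID and its associated data.
 *
 * client_id  Identifier of the requesting client; forwarded unchanged to
 *            ps_object_delete().
 * uid        Identifier of the asset; TFM_PS_INVALID_UID is rejected.
 *
 * Returns PSA_ERROR_INVALID_ARGUMENT for an invalid UID,
 * PSA_ERROR_GENERIC_ERROR when ps_object_delete() reports
 * PSA_ERROR_INVALID_SIGNATURE, otherwise the status of ps_object_delete().
 */
psa_status_t tfm_ps_remove(int32_t client_id, psa_storage_uid_t uid)
{
    psa_status_t err;

    /* Check that the UID is valid */
    if (uid == TFM_PS_INVALID_UID) {
        return PSA_ERROR_INVALID_ARGUMENT;
    }

    /* Delete the object from the object system */
    err = ps_object_delete(uid, client_id);

    /* PSA_ERROR_INVALID_SIGNATURE is not supported by psa_ps_remove
     * specification. So, this function returns PSA_ERROR_GENERIC_ERROR
     * instead. The caller therefore cannot tell a signature failure on the
     * stored object apart from any other generic failure.
     */
    if (err == PSA_ERROR_INVALID_SIGNATURE) {
        return PSA_ERROR_GENERIC_ERROR;
    }

    return err;
}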
117 
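/*
 * Report the optional features supported by the PS service.
 *
 * Returns a bitmask with one flag per supported optional feature. The
 * value is always 0 because this implementation sets no flag.
 */
uint32_t tfm_ps_get_support(void)
{
    /*
     * This function returns a bitmask with flags set for all of the optional
     * features supported by the PS service implementation.
     *
     * PS service does not support the optional extended PSA PS API yet.
     */

    return 0;
}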
#define PSA_ERROR_INVALID_SIGNATURE
#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY
#define PSA_SUCCESS
Definition: crypto_values.h:35
uint32_t tfm_ps_get_support(void)
Gets a bitmask with flags set for all of the optional features supported by the implementation.
#define PSA_STORAGE_FLAG_WRITE_ONCE
psa_status_t ps_object_get_info(psa_storage_uid_t uid, int32_t client_id, struct psa_storage_info_t *info)
Gets the asset information for the object with the provided UID and client ID.
#define PSA_ERROR_GENERIC_ERROR
Definition: crypto_values.h:43
#define PSA_ERROR_INVALID_ARGUMENT
psa_status_t tfm_ps_get(int32_t client_id, psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_size, size_t *p_data_length)
Gets the asset data for the provided uid.
psa_status_t tfm_ps_init(void)
Initializes the protected storage system.
#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION
psa_status_t ps_object_delete(psa_storage_uid_t uid, int32_t client_id)
Deletes the object with the provided UID and client ID.
#define PSA_ERROR_NOT_SUPPORTED
Definition: crypto_values.h:52
psa_status_t tfm_ps_set(int32_t client_id, psa_storage_uid_t uid, uint32_t data_length, psa_storage_create_flags_t create_flags)
Creates a new or modifies an existing asset.
psa_status_t tfm_ps_get_info(int32_t client_id, psa_storage_uid_t uid, struct psa_storage_info_t *p_info)
Gets the metadata for the provided uid.
uint64_t psa_storage_uid_t
psa_status_t ps_object_create(psa_storage_uid_t uid, int32_t client_id, psa_storage_create_flags_t create_flags, uint32_t size)
Creates a new object with the provided UID and client ID.
psa_status_t ps_object_read(psa_storage_uid_t uid, int32_t client_id, uint32_t offset, uint32_t size, size_t *p_data_length)
Gets the data of the object with the provided UID and client ID.
#define TFM_PS_INVALID_UID
Definition: tfm_ps_defs.h:16
uint32_t psa_storage_create_flags_t
psa_status_t tfm_ps_remove(int32_t client_id, psa_storage_uid_t uid)
Removes the provided uid and its associated data from storage.
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43
psa_status_t ps_system_wipe_all(void)
Wipes the protected storage system and all object data.
psa_status_t ps_system_prepare(void)
Prepares the protected storage system for usage, populating internal structures. It identifies and va...