TF-M Reference Manual  1.2.0
TrustedFirmware-M
tfm_ps_secure_api.c File Reference
#include "psa/protected_storage.h"
#include "tfm_veneers.h"

Macros

#define IOVEC_LEN(x)   (sizeof(x)/sizeof(x[0]))
 

Functions

psa_status_t psa_ps_set (psa_storage_uid_t uid, size_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)
 Create a new, or modify an existing, uid/value pair.

psa_status_t psa_ps_get (psa_storage_uid_t uid, size_t data_offset, size_t data_size, void *p_data, size_t *p_data_length)
 Retrieve data associated with a provided uid.

psa_status_t psa_ps_get_info (psa_storage_uid_t uid, struct psa_storage_info_t *p_info)
 Retrieve the metadata about the provided uid.

psa_status_t psa_ps_remove (psa_storage_uid_t uid)
 Remove the provided uid and its associated data from the storage.

psa_status_t psa_ps_create (psa_storage_uid_t uid, size_t size, psa_storage_create_flags_t create_flags)
 Reserves storage for the specified uid.

psa_status_t psa_ps_set_extended (psa_storage_uid_t uid, size_t data_offset, size_t data_length, const void *p_data)
 Sets partial data into an asset.

uint32_t psa_ps_get_support (void)
 Lists optional features.


Macro Definition Documentation

#define IOVEC_LEN(x)   (sizeof(x)/sizeof(x[0]))

Definition at line 14 of file tfm_ps_secure_api.c.

Function Documentation

psa_status_t psa_ps_create (psa_storage_uid_t uid, size_t capacity, psa_storage_create_flags_t create_flags)

Reserves storage for the specified uid.

Upon success, the capacity of the storage will be capacity, and the size will be 0. It is only necessary to call this function for assets that will be written with the psa_ps_set_extended function. If only the psa_ps_set function is needed, calls to this function are redundant.

Parameters
  [in] uid: The uid value
  [in] capacity: The capacity to be allocated in bytes
  [in] create_flags: Flags indicating properties of storage
Returns
  A status indicating the success/failure of the operation
Return values
  PSA_SUCCESS: The operation completed successfully
  PSA_ERROR_STORAGE_FAILURE: The operation failed because the physical storage has failed (Fatal error)
  PSA_ERROR_INSUFFICIENT_STORAGE: The operation failed because the capacity is bigger than the current available space
  PSA_ERROR_NOT_SUPPORTED: The operation failed because the function is not implemented or one or more create_flags are not supported.
  PSA_ERROR_INVALID_ARGUMENT: The operation failed because uid was 0 or create_flags specified flags that are not defined in the API.
  PSA_ERROR_GENERIC_ERROR: The operation failed due to an unspecified error
  PSA_ERROR_ALREADY_EXISTS: Storage for the specified uid already exists

Definition at line 189 of file tfm_ps_secure_api.c.

psa_status_t psa_ps_get (psa_storage_uid_t uid, size_t data_offset, size_t data_size, void *p_data, size_t *p_data_length)

Retrieve data associated with a provided uid.

Retrieves up to data_size bytes of the data associated with uid, starting at data_offset bytes from the beginning of the data. Upon successful completion, the data will be placed in the p_data buffer, which must be at least data_size bytes in size. The length of the data returned will be in p_data_length. If data_size is 0, the contents of p_data_length will be set to zero.

Parameters
  [in] uid: The uid value
  [in] data_offset: The starting offset of the data requested
  [in] data_size: The amount of data requested
  [out] p_data: On success, the buffer where the data will be placed
  [out] p_data_length: On success, this will contain size of the data placed in p_data
Returns
  A status indicating the success/failure of the operation
Return values
  PSA_SUCCESS: The operation completed successfully
  PSA_ERROR_INVALID_ARGUMENT: The operation failed because one of the provided arguments (p_data, p_data_length) is invalid, for example is NULL or references memory the caller cannot access. In addition, this can also happen if data_offset is larger than the size of the data associated with uid
  PSA_ERROR_DOES_NOT_EXIST: The operation failed because the provided uid value was not found in the storage
  PSA_ERROR_STORAGE_FAILURE: The operation failed because the physical storage has failed (Fatal error)
  PSA_ERROR_GENERIC_ERROR: The operation failed because of an unspecified internal failure
  PSA_ERROR_DATA_CORRUPT: The operation failed because the data associated with the UID was corrupt
  PSA_ERROR_INVALID_SIGNATURE: The operation failed because the data associated with the UID failed authentication

Definition at line 61 of file tfm_ps_secure_api.c.

psa_status_t psa_ps_get_info (psa_storage_uid_t uid, struct psa_storage_info_t *p_info)

Retrieve the metadata about the provided uid.

Retrieves the metadata stored for a given uid.

Parameters
  [in] uid: The uid value
  [out] p_info: A pointer to the psa_storage_info_t struct that will be populated with the metadata
Returns
  A status indicating the success/failure of the operation
Return values
  PSA_SUCCESS: The operation completed successfully
  PSA_ERROR_INVALID_ARGUMENT: The operation failed because one of the provided pointers (p_info) is invalid, for example is NULL or references memory the caller cannot access
  PSA_ERROR_DOES_NOT_EXIST: The operation failed because the provided uid value was not found in the storage
  PSA_ERROR_STORAGE_FAILURE: The operation failed because the physical storage has failed (Fatal error)
  PSA_ERROR_GENERIC_ERROR: The operation failed because of an unspecified internal failure
  PSA_ERROR_DATA_CORRUPT: The operation failed because the data associated with the UID was corrupt

Definition at line 115 of file tfm_ps_secure_api.c.

uint32_t psa_ps_get_support (void)

Lists optional features.

Returns
  A bitmask with flags set for all of the optional features supported by the implementation. Currently defined flags are limited to PSA_STORAGE_SUPPORT_SET_EXTENDED

Definition at line 212 of file tfm_ps_secure_api.c.

psa_status_t psa_ps_remove (psa_storage_uid_t uid)

Remove the provided uid and its associated data from the storage.

Removes previously stored data and any associated metadata, including rollback protection data.

Parameters
  [in] uid: The uid value
Returns
  A status indicating the success/failure of the operation
Return values
  PSA_SUCCESS: The operation completed successfully
  PSA_ERROR_INVALID_ARGUMENT: The operation failed because one or more of the given arguments were invalid (null pointer, wrong flags and so on)
  PSA_ERROR_DOES_NOT_EXIST: The operation failed because the provided uid value was not found in the storage
  PSA_ERROR_NOT_PERMITTED: The operation failed because the provided uid value was created with PSA_STORAGE_FLAG_WRITE_ONCE
  PSA_ERROR_STORAGE_FAILURE: The operation failed because the physical storage has failed (Fatal error)
  PSA_ERROR_GENERIC_ERROR: The operation failed because of an unspecified internal failure

Definition at line 154 of file tfm_ps_secure_api.c.

psa_status_t psa_ps_set (psa_storage_uid_t uid, size_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)

Create a new, or modify an existing, uid/value pair.

Stores data in the protected storage.

Parameters
  [in] uid: The identifier for the data
  [in] data_length: The size in bytes of the data in p_data
  [in] p_data: A buffer containing the data
  [in] create_flags: The flags that the data will be stored with
Returns
  A status indicating the success/failure of the operation
Return values
  PSA_SUCCESS: The operation completed successfully
  PSA_ERROR_NOT_PERMITTED: The operation failed because the provided uid value was already created with PSA_STORAGE_FLAG_WRITE_ONCE
  PSA_ERROR_INVALID_ARGUMENT: The operation failed because one of the provided pointers (p_data) is invalid, for example is NULL or references memory the caller cannot access
  PSA_ERROR_NOT_SUPPORTED: The operation failed because one or more of the flags provided in create_flags is not supported or is not valid
  PSA_ERROR_INSUFFICIENT_STORAGE: The operation failed because there was insufficient space on the storage medium
  PSA_ERROR_STORAGE_FAILURE: The operation failed because the physical storage has failed (Fatal error)
  PSA_ERROR_GENERIC_ERROR: The operation failed because of an unspecified internal failure

Definition at line 17 of file tfm_ps_secure_api.c.

psa_status_t psa_ps_set_extended (psa_storage_uid_t uid, size_t data_offset, size_t data_length, const void *p_data)

Sets partial data into an asset.

Before calling this function, the storage must have been reserved with a call to psa_ps_create. It can also be used to overwrite data in an asset that was created with a call to psa_ps_set. Calling this function with data_length = 0 is permitted, which will make no change to the stored data. This function can overwrite existing data and/or extend it up to the capacity for the uid specified in psa_ps_create, but cannot create gaps.

That is, it has preconditions:

  • data_offset <= size
  • data_offset + data_length <= capacity

and postconditions:

  • size = max(size, data_offset + data_length)
  • capacity unchanged.

Parameters
  [in] uid: The uid value
  [in] data_offset: Offset within the asset to start the write
  [in] data_length: The size in bytes of the data in p_data to write
  [in] p_data: Pointer to a buffer which contains the data to write
Returns
  A status indicating the success/failure of the operation
Return values
  PSA_SUCCESS: The asset exists, the input parameters are correct and the data is correctly written in the physical storage.
  PSA_ERROR_STORAGE_FAILURE: The data was not written correctly in the physical storage
  PSA_ERROR_INVALID_ARGUMENT: The operation failed because one or more of the preconditions listed above regarding data_offset, size, or data_length was violated.
  PSA_ERROR_DOES_NOT_EXIST: The specified uid was not found
  PSA_ERROR_NOT_SUPPORTED: The implementation of the API does not support this function
  PSA_ERROR_GENERIC_ERROR: The operation failed due to an unspecified error
  PSA_ERROR_DATA_CORRUPT: The operation failed because the existing data has been corrupted.
  PSA_ERROR_INVALID_SIGNATURE: The operation failed because the existing data failed authentication (MAC check failed).
  PSA_ERROR_NOT_PERMITTED: The operation failed because it was attempted on an asset which was written with the flag PSA_STORAGE_FLAG_WRITE_ONCE

Definition at line 200 of file tfm_ps_secure_api.c.
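
The psa_ps_set_extended preconditions and postconditions listed above, written out as a small C model. This is an added example, not TF-M code: struct asset_model, model_set_extended and the MODEL_* status names are hypothetical stand-ins, and no data is stored, only the size/capacity bookkeeping. The capacity check is written as a subtraction so that data_offset + data_length cannot wrap around size_t and slip past the bound.

```c
#include <stddef.h>
#include <stdint.h>

/* Stand-ins for PSA_SUCCESS / PSA_ERROR_INVALID_ARGUMENT (hypothetical names,
 * so the block builds without the PSA headers). */
enum model_status { MODEL_OK = 0, MODEL_INVALID_ARGUMENT = -1 };

/* Hypothetical model of one asset's bookkeeping: bytes written so far and
 * the capacity reserved by psa_ps_create. */
struct asset_model {
    size_t size;
    size_t capacity;
};

/* Check the documented preconditions and, if they hold, apply the
 * documented postconditions. Only size is tracked; no data is copied. */
enum model_status model_set_extended(struct asset_model *a,
                                     size_t data_offset, size_t data_length)
{
    /* Precondition 1: data_offset <= size (a write may not leave a gap). */
    if (data_offset > a->size) {
        return MODEL_INVALID_ARGUMENT;
    }
    /* Precondition 2: data_offset + data_length <= capacity, expressed as a
     * subtraction so a huge data_length cannot wrap size_t and pass. */
    if (data_offset > a->capacity ||
        data_length > a->capacity - data_offset) {
        return MODEL_INVALID_ARGUMENT;
    }
    /* Postcondition: size = max(size, data_offset + data_length);
     * capacity is unchanged. data_length == 0 leaves size as it was. */
    size_t end = data_offset + data_length;   /* cannot overflow here */
    if (end > a->size) {
        a->size = end;
    }
    return MODEL_OK;
}
```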