[nrf fromlist] secure_storage: make UIDs 32-bit #3161
Merged
+194
−84
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Make the storage UID type 32-bit long. This makes it more convenient to use those UIDs as storage entry IDs when storing the entries to NVM. The previous 64+ bits UIDs made it incovenient to use them as such. As Zephyr defines UID ranges to be used (see e.g. `zephyr/psa/key_ids.h`), this guarantees that all the UIDs will fit within the 30 bits reserved for them. The secure storage ITS implementation API is changed to take `psa_storage_uid_t` separately so the implementation can check that no forbidden bits are set before they are packed into `secure_storage_its_uid_t`. This change breaks backward compatibility because `secure_storage_its_uid_t`, which is used both as part of the additional data for authentication and for generating encryption keys, changes size from 12 to 4 bytes. For users wanting to preserve backward compatibility (for example when upgrading an existing installation to a newer Zephyr release) or that for some reason want to use a 64-bit `psa_storage_uid_t`, the Kconfig option CONFIG_SECURE_STORAGE_64_BIT_UID is added. When enabled, it makes the implementation behave the same as previously and compatibility with existing entries is preserved. This was tested manually. Fixes zephyrproject-rtos/zephyr#86177. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
Cast the UIDs to unsigned long when they are 32 bits. This allows to use a single %l length modifier instead of the double one for long long. Certain printf implementations only support the former and not the latter length modifier, so this has the advantage to work with them now that the UIDs are 32-bit by default. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
tomi-font
force-pushed
the
cherry-pick_secure_storage_its_uid_improvements
branch
from
a61e4bb to
dbee4b2
Compare
…54L15" This reverts commit ff0b9ad. Signed-off-by: Tomi Fontanilles <[email protected]>
…r 64-bit UIDs Add test scenarios for the newly-added CONFIG_SECURE_STORAGE_64_BIT_UID enabled with both the ZMS and Settings backends. They don't test backward compatibility but it makes sure that secure storage compiles and works fine with this configuration. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
noup because it's about partition manager. Fix the build of secure_storage.psa.its.secure_storage.store.zms on nrf54l15dk/nrf54l15/cpuapp by disabling partition manager, which is incompatible with the ZMS implementation of the ITS store module. Disabling it only for that test as it's not needed for the others and even makes the NS board targets fail if disabling PM. Signed-off-by: Tomi Fontanilles <[email protected]>
77f19eb made ZMS depend on FLASH_MAP. Enable that Kconfig option in the ZMS Kconfig overlay file. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
nrf54l15dk/nrf54l15/cpuapp already covers the non-emulated case as part of the integration_platforms. Having ophelia4ev/nrf54l15/cpuapp does not bring any additional value and increases CI load, so remove it. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
Explicitly specify native_sim as integration platform for better PR CI coverage. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
Instead of literally having 0x in the format string, use the %# flag character so the printf implementation adds the 0x for us. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
Add a bullet point for this new, relatively important deviation from the official specification. Also, advertise the Zephyr-specific zephyr/psa/* header files as they are related and probably need more attention from end users. Signed-off-by: Tomi Fontanilles <[email protected]> Upstream PR #: 94171
tomi-font
force-pushed
the
cherry-pick_secure_storage_its_uid_improvements
branch
from
dbee4b2 to
678548b
Compare
frkv
approved these changes
Aug 11, 2025
PFnord
approved these changes
Aug 11, 2025
tomi-font
added a commit
to tomi-font/ncs
that referenced
this pull request
Aug 13, 2025
Fixup to nrfconnect/sdk-zephyr#3161. Select `CONFIG_SECURE_STORAGE_64_BIT_UID` for trusted storage backward compatibility. ref: NCSDK-34909 Signed-off-by: Tomi Fontanilles <[email protected]>
nordic-piks
pushed a commit
to nrfconnect/sdk-nrf
that referenced
this pull request
Aug 13, 2025
Fixup to nrfconnect/sdk-zephyr#3161. Select `CONFIG_SECURE_STORAGE_64_BIT_UID` for trusted storage backward compatibility. ref: NCSDK-34909 Signed-off-by: Tomi Fontanilles <[email protected]>
NordicBuilder
pushed a commit
to NordicBuilder/sdk-nrf
that referenced
this pull request
Sep 11, 2025
Fixup to nrfconnect/sdk-zephyr#3161. Select `CONFIG_SECURE_STORAGE_64_BIT_UID` for trusted storage backward compatibility. ref: NCSDK-34909 Signed-off-by: Tomi Fontanilles <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.