Bluetooth: Mesh: use dedicated psa ID range

Commit adds usage of the dedicated PSA ID range for mesh
instead of PSA user ID range usage.
Dedicated Mesh PSA ID range: 0xC000/0x20000000.

Signed-off-by: Aleksandr Khromykh <[email protected]>

Author: alxelax

subsys/bluetooth/mesh/Kconfig

@@ -1533,22 +1533,6 @@ config BT_MESH_USES_TFM_PSA
 
 endchoice
 
-if BT_MESH_USES_MBEDTLS_PSA || BT_MESH_USES_TFM_PSA
-
-config BT_MESH_PSA_KEY_ID_USER_MIN_OFFSET
-	int "Offset of BLE Mesh key id range regarding PSA_KEY_ID_USER_MIN"
-	default 0
-	help
-	  The PSA specification mandates to set key identifiers for keys
-	  with persistent lifetime. The users of the PSA API is responsible
-	  (BLE Mesh is user of PSA API) to provide correct and unique identifiers.
-	  The BLE Mesh identifier range should be between PSA_KEY_ID_USER_MIN and
-	  PSA_KEY_ID_USER_MAX. BLE Mesh requires two ids for each subnetwork, two ids
-	  for each application key, and two ids for the device key and device key candidate.
-	  It should consider the Mesh Configuration Database instances if database enabled.
-
-endif # BT_MESH_USES_MBEDTLS_PSA || BT_MESH_USES_TFM_PSA
-
 menu "Beacons"
 
 config BT_MESH_BEACON_ENABLED

subsys/bluetooth/mesh/crypto_psa.c

@@ -28,10 +28,9 @@ LOG_MODULE_REGISTER(bt_mesh_crypto_psa);
 #endif
 #define BT_MESH_KEY_ID_RANGE_SIZE (2 * CONFIG_BT_MESH_SUBNET_COUNT + \
 		2 * CONFIG_BT_MESH_APP_KEY_COUNT + 2 + BT_MESH_CDB_KEY_ID_RANGE_SIZE)
-#define BT_MESH_PSA_KEY_ID_USER_MIN (PSA_KEY_ID_USER_MIN + \
-		CONFIG_BT_MESH_PSA_KEY_ID_USER_MIN_OFFSET)
+#define BT_MESH_PSA_KEY_ID_MIN (0x1FFF4000ul)
 
-BUILD_ASSERT(BT_MESH_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE <= PSA_KEY_ID_USER_MAX,
+BUILD_ASSERT(BT_MESH_KEY_ID_RANGE_SIZE < 0xC000,
 	"BLE Mesh PSA key id range overlaps maximum allowed boundary.");
 
 BUILD_ASSERT(PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128, PSA_ALG_CMAC) == 16,
@@ -357,7 +356,7 @@ __weak psa_key_id_t bt_mesh_user_keyid_alloc(void)
 	for (int i = 0; i < BT_MESH_KEY_ID_RANGE_SIZE; i++) {
 		if (!atomic_test_bit(pst_keys, i)) {
 			atomic_set_bit(pst_keys, i);
-			return BT_MESH_PSA_KEY_ID_USER_MIN + i;
+			return BT_MESH_PSA_KEY_ID_MIN + i;
 		}
 	}
 
@@ -366,9 +365,9 @@ __weak psa_key_id_t bt_mesh_user_keyid_alloc(void)
 
 __weak int bt_mesh_user_keyid_free(psa_key_id_t key_id)
 {
-	if (IN_RANGE(key_id, BT_MESH_PSA_KEY_ID_USER_MIN,
-			BT_MESH_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
-		atomic_clear_bit(pst_keys, key_id - BT_MESH_PSA_KEY_ID_USER_MIN);
+	if (IN_RANGE(key_id, BT_MESH_PSA_KEY_ID_MIN,
+			BT_MESH_PSA_KEY_ID_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
+		atomic_clear_bit(pst_keys, key_id - BT_MESH_PSA_KEY_ID_MIN);
 		return 0;
 	}
 
@@ -377,9 +376,9 @@ __weak int bt_mesh_user_keyid_free(psa_key_id_t key_id)
 
 __weak void bt_mesh_user_keyid_assign(psa_key_id_t key_id)
 {
-	if (IN_RANGE(key_id, BT_MESH_PSA_KEY_ID_USER_MIN,
-				BT_MESH_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
-		atomic_set_bit(pst_keys, key_id - BT_MESH_PSA_KEY_ID_USER_MIN);
+	if (IN_RANGE(key_id, BT_MESH_PSA_KEY_ID_MIN,
+				BT_MESH_PSA_KEY_ID_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
+		atomic_set_bit(pst_keys, key_id - BT_MESH_PSA_KEY_ID_MIN);
 	}
 }
 

tests/bsim/bluetooth/mesh/src/distribute_keyid.c

@@ -24,9 +24,8 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #endif
 #define BT_MESH_KEY_ID_RANGE_SIZE (2 * CONFIG_BT_MESH_SUBNET_COUNT + \
 		2 * CONFIG_BT_MESH_APP_KEY_COUNT + 1 + BT_MESH_CDB_KEY_ID_RANGE_SIZE)
-#define BT_MESH_PSA_KEY_ID_USER_MIN (PSA_KEY_ID_USER_MIN + \
-		CONFIG_BT_MESH_PSA_KEY_ID_USER_MIN_OFFSET)
-#define BT_MESH_TEST_PSA_KEY_ID_USER_MIN (BT_MESH_PSA_KEY_ID_USER_MIN + \
+#define BT_MESH_PSA_KEY_ID_MIN (0x1FFF4000ul)
+#define BT_MESH_TEST_PSA_KEY_ID_MIN (BT_MESH_PSA_KEY_ID_MIN + \
 		BT_MESH_KEY_ID_RANGE_SIZE * get_device_nbr())
 
 static ATOMIC_DEFINE(pst_keys, BT_MESH_KEY_ID_RANGE_SIZE);
@@ -37,9 +36,9 @@ psa_key_id_t bt_mesh_user_keyid_alloc(void)
 		if (!atomic_test_bit(pst_keys, i)) {
 			atomic_set_bit(pst_keys, i);
 
-			LOG_INF("key id %d is allocated", BT_MESH_TEST_PSA_KEY_ID_USER_MIN + i);
+			LOG_INF("key id %d is allocated", BT_MESH_TEST_PSA_KEY_ID_MIN + i);
 
-			return BT_MESH_TEST_PSA_KEY_ID_USER_MIN + i;
+			return BT_MESH_TEST_PSA_KEY_ID_MIN + i;
 		}
 	}
 
@@ -48,9 +47,9 @@ psa_key_id_t bt_mesh_user_keyid_alloc(void)
 
 int bt_mesh_user_keyid_free(psa_key_id_t key_id)
 {
-	if (IN_RANGE(key_id, BT_MESH_TEST_PSA_KEY_ID_USER_MIN,
-			BT_MESH_TEST_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
-		atomic_clear_bit(pst_keys, key_id - BT_MESH_TEST_PSA_KEY_ID_USER_MIN);
+	if (IN_RANGE(key_id, BT_MESH_TEST_PSA_KEY_ID_MIN,
+			BT_MESH_TEST_PSA_KEY_ID_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
+		atomic_clear_bit(pst_keys, key_id - BT_MESH_TEST_PSA_KEY_ID_MIN);
 
 		LOG_INF("key id %d is freed", key_id);
 
@@ -62,9 +61,9 @@ int bt_mesh_user_keyid_free(psa_key_id_t key_id)
 
 void bt_mesh_user_keyid_assign(psa_key_id_t key_id)
 {
-	if (IN_RANGE(key_id, BT_MESH_TEST_PSA_KEY_ID_USER_MIN,
-			BT_MESH_TEST_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
-		atomic_set_bit(pst_keys, key_id - BT_MESH_TEST_PSA_KEY_ID_USER_MIN);
+	if (IN_RANGE(key_id, BT_MESH_TEST_PSA_KEY_ID_MIN,
+			BT_MESH_TEST_PSA_KEY_ID_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {
+		atomic_set_bit(pst_keys, key_id - BT_MESH_TEST_PSA_KEY_ID_MIN);
 		LOG_INF("key id %d is assigned", key_id);
 	} else {
 		LOG_WRN("key id %d is out of the reserved id range", key_id);