Improve documentation of SE driver persistent state

Explain what it can be used for and when it is saved to storage.
This commit is contained in:
Gilles Peskine 2019-07-25 14:04:38 +02:00
parent 2e0f388d2a
commit 0c3ae1f0b4

View file

@ -55,8 +55,13 @@ extern "C" {
typedef struct { typedef struct {
/** A read-only pointer to the driver's persistent data. /** A read-only pointer to the driver's persistent data.
* *
* The PSA Cryptography core saves the persistent data from one * Drivers typically use this persistent data to keep track of
* session to the next. * which slot numbers are available. This is only a guideline:
* drivers may use the persistent data for any purpose, keeping
* in mind the restrictions on when the persistent data is saved
* to storage: the persistent data is only saved after calling
* certain functions that receive a writable pointer to the
* persistent data.
* *
* The core allocates a memory buffer for the persistent data. * The core allocates a memory buffer for the persistent data.
* The pointer is guaranteed to be suitably aligned for any data type, * The pointer is guaranteed to be suitably aligned for any data type,
@ -74,7 +79,23 @@ typedef struct {
* *
* This pointer is to read-only data. Only a few driver functions are * This pointer is to read-only data. Only a few driver functions are
* allowed to modify the persistent data. These functions receive a * allowed to modify the persistent data. These functions receive a
* writable pointer. * writable pointer. These functions are:
* - psa_drv_se_t::p_init
* - psa_drv_se_key_management_t::p_allocate
* - psa_drv_se_key_management_t::p_destroy
*
* The PSA Cryptography core saves the persistent data from one
* session to the next. It does this before returning from API functions
* that call a driver method that is allowed to modify the persistent
* data, specifically:
* - psa_crypto_init() causes a call to psa_drv_se_t::p_init, and may call
* psa_drv_se_key_management_t::p_destroy to complete an action
* that was interrupted by a power failure.
* - Key creation functions cause a call to
* psa_drv_se_key_management_t::p_allocate, and may cause a call to
* psa_drv_se_key_management_t::p_destroy in case an error occurs.
* - psa_destroy_key() causes a call to
* psa_drv_se_key_management_t::p_destroy.
*/ */
const void *const persistent_data; const void *const persistent_data;
@ -1118,7 +1139,14 @@ typedef struct {
*/ */
uint32_t hal_version; uint32_t hal_version;
/** The size of the driver's persistent data in bytes. */ /** The size of the driver's persistent data in bytes.
*
* This can be 0 if the driver does not need persistent data.
*
* See the documentation of psa_drv_se_context_t::persistent_data
* for more information about why and how a driver can use
* persistent data.
*/
size_t persistent_data_size; size_t persistent_data_size;
/** The driver initialization function. /** The driver initialization function.