From 9717d107ca5bcc8d9a32b0cae64686297b942f36 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Jun 2019 11:50:04 +0200
Subject: [PATCH] Explain that lifetime=0 from static initialization means
 VOLATILE

---
 library/psa_crypto_se.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c
index 814c6a003..688d4e7c8 100644
--- a/library/psa_crypto_se.c
+++ b/library/psa_crypto_se.c
@@ -27,6 +27,7 @@
 
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
 
+#include <assert.h>
 #include <string.h>
 
 #include "psa_crypto_se.h"
@@ -47,6 +48,12 @@ psa_status_t psa_register_se_driver(
 
     if( methods->hal_version != PSA_DRV_SE_HAL_VERSION )
         return( PSA_ERROR_NOT_SUPPORTED );
+    /* Driver table entries are 0-initialized. 0 is not a valid driver
+     * lifetime because it means a volatile key. */
+#if defined(static_assert)
+    static_assert( PSA_KEY_LIFETIME_VOLATILE == 0,
+                   "Secure element support requires 0 to mean a volatile key" );
+#endif
     if( lifetime == PSA_KEY_LIFETIME_VOLATILE ||
         lifetime == PSA_KEY_LIFETIME_PERSISTENT )
     {