zephyr/subsys/secure_storage/Kconfig.its_store

# Copyright (c) 2024 Nordic Semiconductor
# SPDX-License-Identifier: Apache-2.0

choice SECURE_STORAGE_ITS_STORE_IMPLEMENTATION
	prompt "ITS store module implementation"

DT_ITS_PARTITION := $(dt_chosen_path,secure_storage_its_partition)
DT_CHOSEN_Z_SETTINGS_PARTITION := zephyr,settings-partition
DT_SETTINGS_PARTITIION := $(dt_chosen_path,$(DT_CHOSEN_Z_SETTINGS_PARTITION))
DT_STORAGE_PARTITION := $(dt_nodelabel_path,storage_partition)

config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS
	bool "ITS store module implementation using ZMS for storage"
	depends on FLASH_HAS_DRIVER_ENABLED \
	 && $(dt_path_enabled,$(DT_ITS_PARTITION)) \
	 && $(dt_node_has_compat,$(dt_node_parent,$(DT_ITS_PARTITION)),fixed-partitions)
	depends on ZMS
	help
	  This implementation of the ITS store module makes direct use of ZMS for storage.
	  It needs a `secure_storage_its_partition` devicetree chosen property that points
	  to a fixed storage partition that will be dedicated to the ITS. It has lower
	  overhead compared to the settings-based implementation, both in terms of runtime
	  execution and storage space, and also ROM footprint if the settings subsystem is disabled.
	  As this implementations directly maps the PSA storage UIDs to ZMS entry IDs, it limits
	  their values to the first 30 bits.

config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS
	bool "ITS store module implementation using the settings subsystem for storage"
	depends on FLASH_HAS_DRIVER_ENABLED \
	 && (($(dt_path_enabled,$(DT_SETTINGS_PARTITIION)) \
	     && $(dt_node_has_compat,$(dt_node_parent,$(DT_SETTINGS_PARTITIION)),fixed-partitions))\
	  || ($(dt_path_enabled,$(DT_STORAGE_PARTITION)) \
	      && $(dt_node_has_compat,$(dt_node_parent,$(DT_STORAGE_PARTITION)),fixed-partitions)))
	depends on SETTINGS

config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_NONE
	bool "No ITS store module implementation"

config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_CUSTOM
	bool "Custom ITS store module implementation"
	help
	  Implement the functions declared in <zephyr/secure_storage/its/store.h>.
	  The header is made available when this Kconfig option is enabled.

endchoice # SECURE_STORAGE_ITS_STORE_IMPLEMENTATION

if SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS

config SECURE_STORAGE_ITS_STORE_ZMS_SECTOR_SIZE
	int "Sector size of the ZMS partition"
	default 4096
	help
	  The sector size impacts the runtime behavior of ZMS and restricts the maximum
	  ITS entry data size (which is the sector size minus ZMS and ITS overhead).
	  Changing it will result in loss of existing data stored on a partition.
	  It must be a multiple of the flash page size on devices that require an erase.
	  See the ZMS documentation for more information.

endif # SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS

if SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS

config SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_CUSTOM
	bool "Custom naming scheme for the stored settings"
	help
	  This allows to use custom names for the settings that the implementation uses
	  instead of the default naming scheme.
	  When enabling this, implement the secure_storage_its_store_settings_get_name()
	  function declared in <zephyr/secure_storage/its/store/settings_get.h>
	  and set CONFIG_SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_MAX_LEN appropriately.
	  The header file is made available when this Kconfig option is enabled.

config SECURE_STORAGE_ITS_STORE_SETTINGS_PREFIX
	string "Subtree in which to store the settings, with a trailing slash. Can be empty."
	default "its/"
	depends on !SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_CUSTOM

config SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_MAX_LEN
	int "Maximum setting name length"
	range 2 64
	default 22 if !SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_CUSTOM
	default 0

endif # SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS