secure_storage: change dependencies on settings and flash

The commit changes dependencies on SETTINGS and FLASH to avoid circular dependencies if security storage subsystem users select them too. Signed-off-by: Aleksandr Khromykh <[email protected]>
zephyrproject-rtos · Dec 3, 2024 · e3ee4e9 · e3ee4e9
1 parent 869d297
commit e3ee4e9
Show file tree

Hide file tree

Showing 7 changed files with 32 additions and 7 deletions.
diff --git a/doc/releases/migration-guide-4.1.rst b/doc/releases/migration-guide-4.1.rst
@@ -260,6 +260,18 @@ Other Subsystems
 Flash map
 =========
 
+Secure storage
+==============
+
+* The :kconfig:option:`CONFIG_SECURE_STORAGE_ITS_STORE_MODULE` symbol no longer implies the
+  :kconfig:option:`CONFIG_FLASH` Kconfig option. Platforms using Secure storage must explicitly enable it.
+
+* The :kconfig:option:`CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS` symbol no longer implies the
+  :kconfig:option:`CONFIG_FLASH_MAP` and :kconfig:option:`CONFIG_NVS` Kconfig options.
+  It no longer selects the :kconfig:option:`CONFIG_SETTINGS` Kconfig option either.
+  Platforms using Secure storage must explicitly enable :kconfig:option:`CONFIG_FLASH_MAP`,
+  :kconfig:option:`CONFIG_SETTINGS` and the desired storage system (e.g. :kconfig:option:`CONFIG_ZMS`).
+
 hawkBit
 =======
 

diff --git a/samples/psa/its/overlay-secure_storage.conf b/samples/psa/its/overlay-secure_storage.conf
@@ -7,4 +7,8 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 # On top of that, the ITS implementation uses the stack for buffers.
 CONFIG_MAIN_STACK_SIZE=3072
 
+CONFIG_FLASH=y
+CONFIG_FLASH_MAP=y
+CONFIG_NVS=y
+CONFIG_SETTINGS=y
 CONFIG_SECURE_STORAGE=y
diff --git a/samples/psa/persistent_key/overlay-secure_storage.conf b/samples/psa/persistent_key/overlay-secure_storage.conf
@@ -7,4 +7,8 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 # On top of that, the ITS implementation uses the stack for buffers.
 CONFIG_MAIN_STACK_SIZE=3072
 
+CONFIG_FLASH=y
+CONFIG_FLASH_MAP=y
+CONFIG_NVS=y
+CONFIG_SETTINGS=y
 CONFIG_SECURE_STORAGE=y
diff --git a/subsys/secure_storage/Kconfig b/subsys/secure_storage/Kconfig
@@ -65,7 +65,6 @@ endif
 
 menuconfig SECURE_STORAGE_ITS_STORE_MODULE
 	bool "ITS store module"
-	imply FLASH # for FLASH_HAS_DRIVER_ENABLED
 	help
 	  The module that handles the storage/retrieval of the ITS data to/from NVM.
 	  Zephyr's ITS implementation calls into it.

diff --git a/subsys/secure_storage/Kconfig.its_store b/subsys/secure_storage/Kconfig.its_store
@@ -7,12 +7,10 @@ choice SECURE_STORAGE_ITS_STORE_IMPLEMENTATION
 config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS
 	bool "ITS store module implementation using the settings subsystem for storage"
 	DT_STORAGE_PARTITION := $(dt_nodelabel_path,storage_partition)
-	depends on FLASH_HAS_DRIVER_ENABLED \
-		&& $(dt_path_enabled,$(DT_STORAGE_PARTITION)) \
-		&& $(dt_node_has_compat,$(dt_node_parent,$(DT_STORAGE_PARTITION)),fixed-partitions)
-	imply FLASH_MAP
-	imply NVS
-	select SETTINGS
+	depends on FLASH_HAS_DRIVER_ENABLED
+	depends on $(dt_path_enabled,$(DT_STORAGE_PARTITION))
+	depends on $(dt_node_has_compat,$(dt_node_parent,$(DT_STORAGE_PARTITION)),fixed-partitions)
+	depends on SETTINGS
 
 config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_NONE
 	bool "No ITS store module implementation"

diff --git a/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf b/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf
@@ -8,6 +8,10 @@ CONFIG_TIMER_RANDOM_GENERATOR=y
 CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=2048
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 
+CONFIG_FLASH=y
+CONFIG_FLASH_MAP=y
+CONFIG_NVS=y
+CONFIG_SETTINGS=y
 CONFIG_SECURE_STORAGE=y
 # For testing isolation between the different callers of the ITS.
 CONFIG_SECURE_STORAGE_PS_IMPLEMENTATION_ITS=y
diff --git a/tests/subsys/secure_storage/psa/its/overlay-default_store.conf b/tests/subsys/secure_storage/psa/its/overlay-default_store.conf
@@ -1,2 +1,6 @@
+CONFIG_FLASH=y
+CONFIG_FLASH_MAP=y
+CONFIG_NVS=y
+CONFIG_SETTINGS=y
 # Limit the space available for the maximum entry test to not take too long.
 CONFIG_SETTINGS_NVS_SECTOR_COUNT=2