matter: samples: Implement factory reset for persistent storage

* Handle factory reset for secure/non-secure configurations.
* Add `FactoryReset` method to `AccessStorage`.
* Add application specific factory reset handler.

Signed-off-by: Adrian Gielniewski <adrian.gielniewski@nordicsemi.no>

Author: adigie

samples/matter/common/src/persistent_storage/backends/persistent_storage_secure.cpp

@@ -85,6 +85,28 @@ PSErrorCode PersistentStorageSecure::_SecureRemove(PersistentStorageNode *node)
 	return PSErrorCode::Failure;
 }
 
+PSErrorCode PersistentStorageSecure::_SecureFactoryReset()
+{
+	PSErrorCode error = PSErrorCode::Success;
+
+	// Remove all keys
+	for (auto it = std::begin(sUidMap.mMap); it != std::end(sUidMap.mMap) - sUidMap.FreeSlots(); ++it) {
+		psa_status_t status = psa_ps_remove(it->key);
+		if (status != PSA_SUCCESS) {
+			// Set error but try to remove all keys
+			error = PSErrorCode::Failure;
+		}
+	}
+
+	// Remove UidMap
+	psa_status_t status = psa_ps_remove(kKeyOffset);
+	if (status != PSA_SUCCESS) {
+		error = PSErrorCode::Failure;
+	}
+
+	return error;
+}
+
 psa_storage_uid_t PersistentStorageSecure::UIDFromString(char *str, bool *alreadyInTheMap)
 {
 	for (auto &it : sUidMap.mMap) {

samples/matter/common/src/persistent_storage/backends/persistent_storage_secure.h

@@ -20,12 +20,14 @@ class PersistentStorageSecure {
 	PSErrorCode _NonSecureLoad(PersistentStorageNode *node, void *data, size_t dataMaxSize, size_t &outSize);
 	PSErrorCode _NonSecureHasEntry(PersistentStorageNode *node);
 	PSErrorCode _NonSecureRemove(PersistentStorageNode *node);
+	PSErrorCode _NonSecureRemoveSubtree(const char *prefix);
 
 	PSErrorCode _SecureInit();
 	PSErrorCode _SecureStore(PersistentStorageNode *node, const void *data, size_t dataSize);
 	PSErrorCode _SecureLoad(PersistentStorageNode *node, void *data, size_t dataMaxSize, size_t &outSize);
 	PSErrorCode _SecureHasEntry(PersistentStorageNode *node);
 	PSErrorCode _SecureRemove(PersistentStorageNode *node);
+	PSErrorCode _SecureFactoryReset();
 
 private:
 	static constexpr size_t kMaxEntriesNumber = CONFIG_NCS_SAMPLE_MATTER_SECURE_STORAGE_MAX_ENTRY_NUMBER;
@@ -117,4 +119,9 @@ inline PSErrorCode PersistentStorageSecure::_NonSecureRemove(PersistentStorageNo
 	return PSErrorCode::NotSupported;
 }
 
+inline PSErrorCode PersistentStorageSecure::_NonSecureRemoveSubtree(const char *prefix)
+{
+	return PSErrorCode::NotSupported;
+}
+
 } /* namespace Nrf */

samples/matter/common/src/persistent_storage/backends/persistent_storage_settings.cpp

@@ -20,6 +20,11 @@ struct ReadEntry {
 	bool result;
 };
 
+struct DeleteSubtreeEntry {
+	const char *prefix;
+	int result;
+};
+
 /* Random magic bytes to represent an empty value.
    It is needed because Zephyr settings subsystem does not distinguish an empty value from no value. */
 constexpr uint8_t kEmptyValue[] = { 0x22, 0xa6, 0x54, 0xd1, 0x39 };
@@ -61,6 +66,24 @@ int LoadEntryCallback(const char *name, size_t entrySize, settings_read_cb readC
 
 	return 1;
 }
+
+int DeleteSubtreeCallback(const char *name, size_t entrySize, settings_read_cb readCb, void *cbArg, void *param)
+{
+	DeleteSubtreeEntry &entry = *static_cast<DeleteSubtreeEntry *>(param);
+	char fullKey[SETTINGS_MAX_NAME_LEN + 1];
+
+	// name comes from Zephyr settings subsystem so it is guaranteed to fit in the buffer.
+	(void)snprintf(fullKey, sizeof(fullKey), "%s/%s", entry.prefix, name);
+	const int result = settings_delete(fullKey);
+
+	// Return the first error, but continue removing remaining keys anyway.
+	if (entry.result == 0) {
+		entry.result = result;
+	}
+
+	return 0;
+}
+
 } /* namespace */
 
 namespace Nrf
@@ -160,4 +183,17 @@ bool PersistentStorageSettings::LoadEntry(const char *key, void *data, size_t da
 
 	return true;
 }
+
+PSErrorCode PersistentStorageSettings::_NonSecureRemoveSubtree(const char *prefix)
+{
+	DeleteSubtreeEntry entry{ prefix, 0 };
+	int result = settings_load_subtree_direct(prefix, DeleteSubtreeCallback, &entry);
+
+	if (result == 0 && entry.result == 0) {
+		return PSErrorCode::Success;
+	}
+
+	return PSErrorCode::Failure;
+}
+
 } /* namespace Nrf */

samples/matter/common/src/persistent_storage/backends/persistent_storage_settings.h

@@ -17,12 +17,14 @@ class PersistentStorageSettings {
 	PSErrorCode _NonSecureLoad(PersistentStorageNode *node, void *data, size_t dataMaxSize, size_t &outSize);
 	PSErrorCode _NonSecureHasEntry(PersistentStorageNode *node);
 	PSErrorCode _NonSecureRemove(PersistentStorageNode *node);
+	PSErrorCode _NonSecureRemoveSubtree(const char *prefix);
 
 	PSErrorCode _SecureInit();
 	PSErrorCode _SecureStore(PersistentStorageNode *node, const void *data, size_t dataSize);
 	PSErrorCode _SecureLoad(PersistentStorageNode *node, void *data, size_t dataMaxSize, size_t &outSize);
 	PSErrorCode _SecureHasEntry(PersistentStorageNode *node);
 	PSErrorCode _SecureRemove(PersistentStorageNode *node);
+	PSErrorCode _SecureFactoryReset();
 
 private:
 	bool LoadEntry(const char *key, void *data = nullptr, size_t dataMaxSize = 0, size_t *outSize = nullptr);
@@ -55,4 +57,9 @@ inline PSErrorCode PersistentStorageSettings::_SecureRemove(PersistentStorageNod
 	return PSErrorCode::NotSupported;
 }
 
+inline PSErrorCode PersistentStorageSettings::_SecureFactoryReset()
+{
+	return PSErrorCode::NotSupported;
+}
+
 } /* namespace Nrf */

samples/matter/common/src/persistent_storage/persistent_storage.h

@@ -72,13 +72,27 @@ class PersistentStorage {
 	 */
 	PSErrorCode NonSecureRemove(PersistentStorageNode *node);
 
+	/**
+	 * @brief Remove subtree from the persistent storage for given key prefix.
+	 *
+	 * @param prefix key prefix
+	 * @return true if subtree has been removed successfully.
+	 * @return false an error occurred.
+	 */
+	PSErrorCode NonSecureRemoveSubtree(const char *prefix);
+
 	/* Secure storage API counterparts.*/
 	PSErrorCode SecureInit();
 	PSErrorCode SecureStore(PersistentStorageNode *node, const void *data, size_t dataSize);
 	PSErrorCode SecureLoad(PersistentStorageNode *node, void *data, size_t dataMaxSize, size_t &outSize);
 	PSErrorCode SecureHasEntry(PersistentStorageNode *node);
 	PSErrorCode SecureRemove(PersistentStorageNode *node);
 
+	/**
+	 * @brief Perform factory reset and remove all keys.
+	 */
+	PSErrorCode SecureFactoryReset();
+
 protected:
 	PersistentStorage() = default;
 	~PersistentStorage() = default;
@@ -133,6 +147,11 @@ inline PSErrorCode PersistentStorage::NonSecureRemove(PersistentStorageNode *nod
 	return Impl()->_NonSecureRemove(node);
 }
 
+inline PSErrorCode PersistentStorage::NonSecureRemoveSubtree(const char *prefix)
+{
+	return Impl()->_NonSecureRemoveSubtree(prefix);
+}
+
 /* Secure storage API. */
 inline PSErrorCode PersistentStorage::SecureInit()
 {
@@ -160,4 +179,9 @@ inline PSErrorCode PersistentStorage::SecureRemove(PersistentStorageNode *node)
 	return Impl()->_SecureRemove(node);
 }
 
+inline PSErrorCode PersistentStorage::SecureFactoryReset()
+{
+	return Impl()->_SecureFactoryReset();
+}
+
 } /* namespace Nrf */

samples/matter/common/src/persistent_storage/persistent_storage_impl.h

@@ -31,15 +31,16 @@ class PersistentStorageImpl : public PersistentStorage
 	friend class PersistentStorage;
 
 #ifdef CONFIG_NCS_SAMPLE_MATTER_SETTINGS_STORAGE_BACKEND
-
 	using PersistentStorageSettings::_NonSecureHasEntry;
 	using PersistentStorageSettings::_NonSecureInit;
 	using PersistentStorageSettings::_NonSecureLoad;
 	using PersistentStorageSettings::_NonSecureRemove;
+	using PersistentStorageSettings::_NonSecureRemoveSubtree;
 	using PersistentStorageSettings::_NonSecureStore;
 #endif
 
 #ifdef CONFIG_NCS_SAMPLE_MATTER_SECURE_STORAGE_BACKEND
+	using PersistentStorageSecure::_SecureFactoryReset;
 	using PersistentStorageSecure::_SecureHasEntry;
 	using PersistentStorageSecure::_SecureInit;
 	using PersistentStorageSecure::_SecureLoad;

samples/matter/lock/src/access/access_storage.cpp

@@ -65,6 +65,24 @@ bool AccessStorage::Init()
 	return (Nrf::PSErrorCode::Success == Nrf::GetPersistentStorage().PSInit());
 }
 
+bool AccessStorage::FactoryReset()
+{
+	bool non_secure_result = true;
+	bool secure_result = true;
+
+#ifdef CONFIG_NCS_SAMPLE_MATTER_SETTINGS_STORAGE_BACKEND
+	non_secure_result =
+		Nrf::PSErrorCode::Success == Nrf::GetPersistentStorage().NonSecureRemoveSubtree(kAccessPrefix);
+
+#endif
+#ifdef CONFIG_NCS_SAMPLE_MATTER_SECURE_STORAGE_BACKEND
+
+	secure_result = Nrf::PSErrorCode::Success == Nrf::GetPersistentStorage().SecureFactoryReset();
+#endif
+
+	return non_secure_result && secure_result;
+}
+
 bool AccessStorage::PrepareKeyName(Type storageType, uint16_t index, uint16_t subindex)
 {
 	memset(mKeyName, '\0', sizeof(mKeyName));

samples/matter/lock/src/access/access_storage.h

@@ -63,6 +63,14 @@ class AccessStorage {
 	 */
 	bool Init();
 
+	/**
+	 * @brief Factory reset the persistent storage.
+	 *
+	 * @return true if success.
+	 * @return false otherwise.
+	 */
+	bool FactoryReset();
+
 	/**
 	 * @brief Store the entry into the persistent storage.
 	 *

samples/matter/lock/src/main.cpp

@@ -6,6 +6,7 @@
 
 #include "app_task.h"
 
+#include <access/access_storage.h>
 #include <zephyr/logging/log.h>
 
 LOG_MODULE_REGISTER(app, CONFIG_CHIP_APP_LOG_LEVEL);
@@ -17,3 +18,8 @@ int main()
 	LOG_ERR("Exited with code %" CHIP_ERROR_FORMAT, err.Format());
 	return err == CHIP_NO_ERROR ? EXIT_SUCCESS : EXIT_FAILURE;
 }
+
+bool AppFactoryResetHandler()
+{
+	return AccessStorage::Instance().FactoryReset();
+}