Using the form device:set_field("test_persistent_key", 47, {persist = true})
allows a driver to persist data to flash as documented. However, I’ve seen some possibly unintended behaviour when changing between drivers for a device.
- A field value by key “K” is persisted by driver “A”.
- The user changes to another driver “B”.
- Driver “B” can read the values that driver “A” persisted if it uses the same key “K”.
- If driver “B” saves new values stored by key “K”, if changing back to driver “A” it will see incorrect data.
The issues I’ve seen:
- Its possible for sensitive data to be leaked by a driver and read by another driver if the same key is used either by accident or intentionally.
- When a driver is changed to (using the driverChanged lifecycle event) its important to reset any of the set_field persisted values to empty/nil/known values as they could have been changed by another driver. One example I’ve seen is with
device:get_field(constants.ELECTRICAL_MEASUREMENT_MULTIPLIER_KEY)
where another driver could have set a value and its not “empty” or valid upon changing to my driver.
@nayelyz Is the intended behaviour for set_field()
with persistence to live thru driver changes? If so, it may be good to document that fact in the reference guide. I was surprised that all set_field() persisted data wasn’t cleared when changing to a new driver.