mbedtls/ChangeLog.d/psa-shared-memory-protection.txt

Security
   * Passing buffers that are stored in untrusted memory as arguments
     to PSA functions is now secure by default.
     The PSA core now protects against modification of inputs or exposure
     of intermediate outputs during operations. This is currently implemented
     by copying buffers.
     This feature increases code size and memory usage. If buffers passed to
     PSA functions are owned exclusively by the PSA core for the duration of
     the function call (i.e. no buffer parameters are stored in memory shared
     with an untrusted party), copying may be disabled by setting
     MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS.
     Note that setting this option will cause input-output buffer overlap to
     be only partially supported.
Bugfix
   * Fully support arbitrary overlap between inputs and outputs of PSA
     functions. Note that overlap is still only partially supported when
     MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set.
Add ChangeLog for PSA buffer sharing fix Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-11 17:21:54 +00:00			`Security`
Reword ChangeLog entry for shared memory work Specifically: * Clarify that passing shared buffers is now secure by default (not newly supported) * Remove spurious hyphen * Clarify that we do not guarantee copying, but rather guarantee protection, allowing us to implement this differently in future if required. * Mention both protection of inputs from modification and outputs from exposure of intermediate results. * Invert the config option, from an enable-option to a disable-option. Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-12 16:47:46 +00:00			`* Passing buffers that are stored in untrusted memory as arguments`
			`to PSA functions is now secure by default.`
			`The PSA core now protects against modification of inputs or exposure`
			`of intermediate outputs during operations. This is currently implemented`
			`by copying buffers.`
			`This feature increases code size and memory usage. If buffers passed to`
			`PSA functions are owned exclusively by the PSA core for the duration of`
Reword ChangeLog entry. Specifically: * Fix a grammatical typo * Mention shared memory * Mention overlap support in the security section * Improve wording Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-13 13:30:55 +00:00			`the function call (i.e. no buffer parameters are stored in memory shared`
			`with an untrusted party), copying may be disabled by setting`
Reword ChangeLog entry for shared memory work Specifically: * Clarify that passing shared buffers is now secure by default (not newly supported) * Remove spurious hyphen * Clarify that we do not guarantee copying, but rather guarantee protection, allowing us to implement this differently in future if required. * Mention both protection of inputs from modification and outputs from exposure of intermediate results. * Invert the config option, from an enable-option to a disable-option. Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-12 16:47:46 +00:00			`MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS.`
Reword ChangeLog entry. Specifically: * Fix a grammatical typo * Mention shared memory * Mention overlap support in the security section * Improve wording Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-13 13:30:55 +00:00			`Note that setting this option will cause input-output buffer overlap to`
			`be only partially supported.`
Add bugfix section about buffer sharing Mention that arbitrary overlap is now supported, except whenever MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set. Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-12 16:56:49 +00:00			`Bugfix`
			`* Fully support arbitrary overlap between inputs and outputs of PSA`
Reword ChangeLog entry. Specifically: * Fix a grammatical typo * Mention shared memory * Mention overlap support in the security section * Improve wording Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-13 13:30:55 +00:00			`functions. Note that overlap is still only partially supported when`
Add bugfix section about buffer sharing Mention that arbitrary overlap is now supported, except whenever MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set. Signed-off-by: David Horstmann <david.horstmann@arm.com> 2024-03-12 16:56:49 +00:00			`MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set.`