Reword ChangeLog entry for shared memory work

Specifically: * Clarify that passing shared buffers is now secure by default (not newly supported) * Remove spurious hyphen * Clarify that we do not guarantee copying, but rather guarantee protection, allowing us to implement this differently in future if required. * Mention both protection of inputs from modification and outputs from exposure of intermediate results. * Invert the config option, from an enable-option to a disable-option. Signed-off-by: David Horstmann <david.horstmann@arm.com>
2025-04-16 08:42:50 +00:00 · 2024-03-12 16:47:46 +00:00 · 2024-03-12 16:47:46 +00:00 · 1d3276da65
commit 1d3276da65
parent 5fb5cce066
1 changed files with 9 additions and 7 deletions
--- a/ChangeLog.d/psa-shared-memory-protection.txt
+++ b/ChangeLog.d/psa-shared-memory-protection.txt
@ -1,8 +1,10 @@
 Security
-   * Support calling PSA functions with buffer arguments that are in memory
-     shared with an untrusted party. The PSA core now makes copies of all
-     buffers before passing them to drivers to protect drivers against
-     modification of buffers during operations.
-     This feature increases code-size and memory usage. If buffers passed to
-     PSA functions are all trusted, buffer copying may be disabled by
-     unsetting MBEDTLS_PSA_COPY_CALLER_BUFFERS.
+   * Passing buffers that are stored in untrusted memory as arguments
+     to PSA functions is now secure by default.
+     The PSA core now protects against modification of inputs or exposure
+     of intermediate outputs during operations. This is currently implemented
+     by copying buffers.
+     This feature increases code size and memory usage. If buffers passed to
+     PSA functions are owned exclusively by the PSA core for the duration of
+     the function call, copying may be disabled by setting
+     MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS.