diff --git a/ChangeLog.d/psa-shared-memory-protection.txt b/ChangeLog.d/psa-shared-memory-protection.txt new file mode 100644 index 0000000000..f4f6ea0f46 --- /dev/null +++ b/ChangeLog.d/psa-shared-memory-protection.txt @@ -0,0 +1,8 @@ +Security + * Support calling PSA functions with buffer arguments that are in memory + shared with an untrusted party. The PSA core now makes copies of all + buffers before passing them to drivers to protect drivers against + modification of buffers during operations. + This feature increases code-size and memory usage. If buffers passed to + PSA functions are all trusted, buffer copying may be disabled by + unsetting MBEDTLS_PSA_COPY_CALLER_BUFFERS.
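Review bot: The closing sentence of the new entry ("buffer copying may be disabled by unsetting MBEDTLS_PSA_COPY_CALLER_BUFFERS") leaves the default implicit and does not state the consequence of turning the option off. Suggest saying explicitly whether the option is set in the default configuration, and that unsetting it removes the protection described in the first sentence, so it is only appropriate when no buffer passed to a PSA function lives in memory that an untrusted party can modify. The rationale also reads narrower than the mechanism: the entry says the core copies "all buffers" but justifies this only as protecting drivers against modification of buffers during operations. If output buffers are copied as well, a clause stating what that guards against would help users judge the trade-off against the code size and memory cost the entry mentions. Minor style point: "code-size" should be "code size".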