From 5fb5cce06602de15d7083e1021863b46d6ffc781 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Mon, 11 Mar 2024 17:21:54 +0000 Subject: [PATCH] Add ChangeLog for PSA buffer sharing fix Signed-off-by: David Horstmann --- ChangeLog.d/psa-shared-memory-protection.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/psa-shared-memory-protection.txt diff --git a/ChangeLog.d/psa-shared-memory-protection.txt b/ChangeLog.d/psa-shared-memory-protection.txt new file mode 100644 index 0000000000..f4f6ea0f46 --- /dev/null +++ b/ChangeLog.d/psa-shared-memory-protection.txt @@ -0,0 +1,8 @@ +Security + * Support calling PSA functions with buffer arguments that are in memory + shared with an untrusted party. The PSA core now makes copies of all + buffers before passing them to drivers to protect drivers against + modification of buffers during operations. + This feature increases code-size and memory usage. If buffers passed to + PSA functions are all trusted, buffer copying may be disabled by + unsetting MBEDTLS_PSA_COPY_CALLER_BUFFERS.