mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-04 08:55:09 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7fc35a5ea1
mbedtls/ChangeLog.d/psa-shared-memory-protection.txt
David Horstmann 7fc35a5ea1 Reword ChangeLog entry. Specifically: 
* Fix a grammatical typo
* Mention shared memory
* Mention overlap support in the security section
* Improve wording

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-13 13:30:55 +00:00

18 lines
957 B
Plaintext
Raw Blame History

Security
* Passing buffers that are stored in untrusted memory as arguments
to PSA functions is now secure by default.
The PSA core now protects against modification of inputs or exposure
of intermediate outputs during operations. This is currently implemented
by copying buffers.
This feature increases code size and memory usage. If buffers passed to
PSA functions are owned exclusively by the PSA core for the duration of
the function call (i.e. no buffer parameters are stored in memory shared
with an untrusted party), copying may be disabled by setting
MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS.
Note that setting this option will cause input-output buffer overlap to
be only partially supported.
Bugfix
* Fully support arbitrary overlap between inputs and outputs of PSA
functions. Note that overlap is still only partially supported when
MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set.
Reference in New Issue View Git Blame Copy Permalink