michaelh/zephyr
1
0
Fork 0
Code Releases Activity

mbedtls: reduce heap usage when building PSA crypto

Browse source 
By default PSA crypto library copies all the buffers that are passed
in into the heap before further processing them. This is required
when the PSA crypto library is on the secure side and it accepts
buffers from a non-secure code. However this case in Zephyr
is already handled by TF-M, so when the PSA crypto library is
built (CONFIG_MBEDTLS_PSA_CRYPTO_C) then it will be on the
non-secure side. Therefore this malloc copy is useless and
it consumes heap memory. Setting MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
at Mbed TLS build time helps in removing this mechanism and
it saves heap memory.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti 2024-05-21 10:29:01 +02:00 committed by Flavio Ceolin
commit 11920e35a0
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/mbedtls/configs/config-tls-generic.h
View file

@ -473,6 +473,7 @@
#if defined(CONFIG_MBEDTLS_PSA_CRYPTO_C)
#define MBEDTLS_PSA_CRYPTO_C
#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
#if defined(CONFIG_ARCH_POSIX) && !defined(CONFIG_PICOLIBC)
#define MBEDTLS_PSA_KEY_SLOT_COUNT 64