mbedtls: kconfig: created MBEDTLS_PROMPTLESS and CUSTOM_MBEDTLS_CFG_FILE
Introducing MBEDTLS_PROMPTLESS and CUSTOM_MBEDTLS_CFG_FILE settings. The MBEDTLS_PROMPTLESS can be set to true whenever configuration of mbedTLS is done from a subsystem or module. Such an example is OpenThread, which selects mbedTLS for some predefined crypto settings using OPENTHREAD_MBEDTLS=y. Unfortunately, extensive use of select can easily cause stuck symbol syndrome making it harder than neccesarry for users to later reconfigure as they easily get stuck in incompatible configurations. Providing a MBEDTLS_PROMPTLESS allows such configurations to disable the MBEDTLS prompt itself when selected but avoid stuck symbol if user select another security configuration. Similar with CUSTOM_MBEDTLS_CFG_FILE which ensures that user must explicitly select this symbol before providing a custom mbedTLS config file. Today, other parts the Kconfig tree may set a default value for MBEDTLS_CFG_FILE but that value is stuck and thus changed Kconfig selections elsewhere in the tree will not adjust the value. Introducing CUSTOM_MBEDTLS_CFG_FILE ensures it is known when the user has provided the value. Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no> Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit is contained in:
Torsten Rasmussen
Kumar Gala
parent
c5097101f3
commit
5888428541
2 changed files with 18 additions and 2 deletions
|
|
@ -5,9 +5,17 @@
|
||||||
|
|
||||||
config ZEPHYR_MBEDTLS_MODULE
|
config ZEPHYR_MBEDTLS_MODULE
|
||||||
bool
|
bool
|
||||||
|
config MBEDTLS_PROMPTLESS
|
||||||
|
bool
|
||||||
|
help
|
||||||
|
Symbol to disable the prompt for MBEDTLS selection.
|
||||||
|
This symbol may be used internally in a Kconfig tree to hide the
|
||||||
|
mbed TLS menu prompt and instead handle the selection of MBEDTLS from
|
||||||
|
dependent sub-configurations and thus preven stuck symbol behavior.
|
||||||
|
|
||||||
|
|
||||||
menuconfig MBEDTLS
|
menuconfig MBEDTLS
|
||||||
bool "mbedTLS Support"
|
bool "mbed TLS Support" if !MBEDTLS_PROMPTLESS
|
||||||
help
|
help
|
||||||
This option enables the mbedTLS cryptography library.
|
This option enables the mbedTLS cryptography library.
|
||||||
|
|
||||||
|
|
@ -32,8 +40,15 @@ config MBEDTLS_LIBRARY
|
||||||
|
|
||||||
endchoice
|
endchoice
|
||||||
|
|
||||||
|
config CUSTOM_MBEDTLS_CFG_FILE
|
||||||
|
bool "Custom mbed TLS configuration file"
|
||||||
|
help
|
||||||
|
Allow user defined input for the MBEDTLS_CFG_FILE setting.
|
||||||
|
You can specify the actual configuration file using the
|
||||||
|
MBEDTLS_CFG_FILE setting.
|
||||||
|
|
||||||
config MBEDTLS_CFG_FILE
|
config MBEDTLS_CFG_FILE
|
||||||
string "mbed TLS configuration file"
|
string "mbed TLS configuration file" if CUSTOM_MBEDTLS_CFG_FILE
|
||||||
depends on MBEDTLS_BUILTIN
|
depends on MBEDTLS_BUILTIN
|
||||||
default "config-tls-generic.h"
|
default "config-tls-generic.h"
|
||||||
help
|
help
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ CONFIG_LOG_MODE_MINIMAL=y
|
||||||
CONFIG_MBEDTLS=y
|
CONFIG_MBEDTLS=y
|
||||||
CONFIG_MBEDTLS_BUILTIN=y
|
CONFIG_MBEDTLS_BUILTIN=y
|
||||||
CONFIG_MBEDTLS_CFG_FILE="config-tls-generic.h"
|
CONFIG_MBEDTLS_CFG_FILE="config-tls-generic.h"
|
||||||
|
CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y
|
||||||
CONFIG_MBEDTLS_HEAP_SIZE=512
|
CONFIG_MBEDTLS_HEAP_SIZE=512
|
||||||
CONFIG_MBEDTLS_CIPHER_CCM_ENABLED=y
|
CONFIG_MBEDTLS_CIPHER_CCM_ENABLED=y
|
||||||
CONFIG_MBEDTLS_CIPHER_GCM_ENABLED=y
|
CONFIG_MBEDTLS_CIPHER_GCM_ENABLED=y
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue