mbedtls: reduce heap usage when building PSA crypto By default PSA crypto library copies all the buffers that are passed in into the heap before further processing them. This is required when the PSA crypto library is on the secure side and it accepts buffers from a non-secure code. However this case in Zephyr is already handled by TF-M, so when the PSA crypto library is built (CONFIG_MBEDTLS_PSA_CRYPTO_C) then it will be on the non-secure side. Therefore this malloc copy is useless and it consumes heap memory. Setting MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS at Mbed TLS build time helps in removing this mechanism and it saves heap memory. Signed-off-by: Valerio Setti <vsetti@baylibre.com>

commit: 11920e35a00e30ea42bc24d05b253dc5433cedca [log] [tgz]
author: Valerio Setti <vsetti@baylibre.com> Tue May 21 10:29:01 2024 +0200
committer: Flavio Ceolin <flavio.ceolin@intel.com> Thu May 23 09:03:20 2024 -0700
tree: a6a29b73fa410afc18fc9d9d828fbdd1990a64cd
parent: 85bc3e64619deec688529ac52d46772db75cd511 [diff]
diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h
index dc94e3d..45bc81f 100644
--- a/modules/mbedtls/configs/config-tls-generic.h
+++ b/modules/mbedtls/configs/config-tls-generic.h

@@ -473,6 +473,7 @@
 
 #if defined(CONFIG_MBEDTLS_PSA_CRYPTO_C)
 #define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
 
 #if defined(CONFIG_ARCH_POSIX) && !defined(CONFIG_PICOLIBC)
 #define MBEDTLS_PSA_KEY_SLOT_COUNT     64
commit	11920e35a00e30ea42bc24d05b253dc5433cedca	[log] [tgz]
author	Valerio Setti <vsetti@baylibre.com>	Tue May 21 10:29:01 2024 +0200
committer	Flavio Ceolin <flavio.ceolin@intel.com>	Thu May 23 09:03:20 2024 -0700
tree	a6a29b73fa410afc18fc9d9d828fbdd1990a64cd
parent	85bc3e64619deec688529ac52d46772db75cd511 [diff]