modules: mbedtls: build MbedTLS as three libraries
Previously, Zephyr's mbedtls module's cmake build created a single static
library, rather than the collection of libraries (mbedtls, mbedcrypto,
and mbedx509) that upstream mbedTLS cmake provides.
To give better control at link time to choose the required libraries to
link, this commit updates the Zephyr MbedTLS module to also define a
collection of libraries rather than a single static MbedTLS library.
One benefit of the three library approach is that if mbedTLS is used in
Zephyr in the the non-secure application in addition to TFM's PSA Crypto
API on the secure side with TF-M, PSA API calls on the non-secure side
will be redirected to the TFM PSA implementation, and the mbedcrypto
library will only be linked to the secure (TF-M) binary, with the mbedtls
and mbedx509 libraries linked against the non-secure (Zephyr) binary,
enabling TLS calls to PSA crypto to be redirected to mbedcrypto in the
secure partition and avoiding function duplication in the non-secure
binary.
Signed-off-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@linaro.org>
1 file changed
