From 6ed183cf0022fdc65b0bfcd883dd3a9c4e231a19 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Tue, 12 Jan 2021 06:42:16 +0000
Subject: [PATCH] Add MPS compile time option for enabling/disabling assertions

This commit adds the compile-time option MBEDTLS_MPS_ENABLE_ASSERTIONS which controls the presence of runtime assertions in MPS code. See the documentation in the header for more information.

Signed-off-by: Hanno Becker
---
 library/mps/common.h | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/library/mps/common.h b/library/mps/common.h
index 397c500db..7e994634f 100644
--- a/library/mps/common.h
+++ b/library/mps/common.h
@@ -26,6 +26,27 @@
 #ifndef MBEDTLS_MPS_COMMON_H
 #define MBEDTLS_MPS_COMMON_H
 
-/* To be populated */
+/**
+ * \name SECTION: MPS Configuration
+ *
+ * \{
+ */
+
+/*! This flag enables/disables assertions on the internal state of MPS.
+ *
+ * Assertions are sanity checks that should never trigger when MPS
+ * is used within the bounds of its API and preconditions.
+ *
+ * Enabling this increases security by limiting the scope of
+ * potential bugs, but comes at the cost of increased code size.
+ *
+ * Note: So far, there is no guiding principle as to what
+ * expected conditions merit an assertion, and which don't.
+ *
+ * Comment this to disable assertions.
+ */
+#define MBEDTLS_MPS_ENABLE_ASSERTIONS
+
+/* \} name SECTION: MPS Configuration */
 
 #endif /* MBEDTLS_MPS_COMMON_H */
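Review bot: The doc comment on `MBEDTLS_MPS_ENABLE_ASSERTIONS` says enabling it "increases security" but states neither what a failed assertion does nor what is lost when the flag is commented out, and the macros that consume the flag are not part of this hunk. Because the comment itself admits there is no rule yet for what merits an assertion, I would add a line such as `* With this disabled the checks are absent, so an assertion must never be the only check on peer-controlled input.` (wording to be confirmed against the assertion macro once it exists). The define is also unconditional in an internal header, so a build can only turn it off by editing `common.h`; if that is not the intent, a guard or a hook in the main configuration header would be worth considering.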