From 89bbc3a4c5f8e7aee46bfdfe551b694eaa4b3dbe Mon Sep 17 00:00:00 2001
From: Chien Wong <m@xv97.com>
Date: Mon, 24 Jul 2023 23:29:44 +0800
Subject: [PATCH] Fix doc on buffer requirements of GCM API

Signed-off-by: Chien Wong <m@xv97.com>
---
 .../drivers/builtin/include/mbedtls/gcm.h     | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h
index 72632fa41a..e620be7ba0 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h
@@ -109,10 +109,9 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
 /**
  * \brief           This function performs GCM encryption or decryption of a buffer.
  *
- * \note            For encryption, the output buffer can be the same as the
- *                  input buffer. For decryption, the output buffer cannot be
- *                  the same as input buffer. If the buffers overlap, the output
- *                  buffer must trail at least 8 Bytes behind the input buffer.
+ * \note            The output buffer \p output can be the same as the input
+ *                  buffer \p input. If \p output is greater than \p input, they
+ *                  cannot overlap.
  *
  * \warning         When this function performs a decryption, it outputs the
  *                  authentication tag and does not verify that the data is
@@ -173,9 +172,9 @@ int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
  * \brief           This function performs a GCM authenticated decryption of a
  *                  buffer.
  *
- * \note            For decryption, the output buffer cannot be the same as
- *                  input buffer. If the buffers overlap, the output buffer
- *                  must trail at least 8 Bytes behind the input buffer.
+ * \note            The output buffer \p output can be the same as the input
+ *                  buffer \p input. If \p output is greater than \p input, they
+ *                  cannot overlap.
  *
  * \param ctx       The GCM context. This must be initialized.
  * \param length    The length of the ciphertext to decrypt, which is also
@@ -281,9 +280,9 @@ int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx,
  *                    to this function during an operation, then it is
  *                    correct to use \p output_size = \p input_length.
  *
- * \note            For decryption, the output buffer cannot be the same as
- *                  input buffer. If the buffers overlap, the output buffer
- *                  must trail at least 8 Bytes behind the input buffer.
+ * \note            The output buffer \p output can be the same as the input
+ *                  buffer \p input. If \p output is greater than \p input, they
+ *                  cannot overlap.
  *
  * \param ctx           The GCM context. This must be initialized.
  * \param input         The buffer holding the input data. If \p input_length