From 7b22ede77ab0ae9d301658d6fd44dfdda2d9d7ae Mon Sep 17 00:00:00 2001
From: Krzysztof Stachowiak <krzysztof.stachowiak@arm.com>
Date: Mon, 18 Jun 2018 16:48:33 +0200
Subject: [PATCH] Disable XTS cipher mode by default when importing Mbed TLS

---
 features/mbedtls/importer/adjust-config.sh            | 1 +
 features/mbedtls/importer/adjust-no-entropy-config.sh | 1 +
 2 files changed, 2 insertions(+)

diff --git a/features/mbedtls/importer/adjust-config.sh b/features/mbedtls/importer/adjust-config.sh
index a585d6d0e3..7fe26c353a 100755
--- a/features/mbedtls/importer/adjust-config.sh
+++ b/features/mbedtls/importer/adjust-config.sh
@@ -85,6 +85,7 @@ conf unset MBEDTLS_CIPHER_MODE_CTR
 conf unset MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 conf unset MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 conf unset MBEDTLS_CIPHER_PADDING_ZEROS
+conf unset MBEDTLS_CIPHER_MODE_XTS
 conf unset MBEDTLS_ECP_DP_SECP192R1_ENABLED
 conf unset MBEDTLS_ECP_DP_SECP224R1_ENABLED
 conf unset MBEDTLS_ECP_DP_SECP521R1_ENABLED
diff --git a/features/mbedtls/importer/adjust-no-entropy-config.sh b/features/mbedtls/importer/adjust-no-entropy-config.sh
index 288b381c91..a6fb8c7403 100755
--- a/features/mbedtls/importer/adjust-no-entropy-config.sh
+++ b/features/mbedtls/importer/adjust-no-entropy-config.sh
@@ -36,3 +36,4 @@ add_code() {
 }
 
 conf set MBEDTLS_CMAC_C
+conf unset MBEDTLS_CIPHER_MODE_XTS