From 548cecdd2c287ac19f2b9637fa61c6b823df138f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 17 Dec 2018 13:13:30 +0100
Subject: [PATCH] Discourage making MBEDTLS_PARAM_FAILED() empty.

---
 include/mbedtls/config.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 73b5dce13..512fb6ca8 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -292,9 +292,7 @@
  *   calls that function, but does not provide a default definition for it,
  * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
  *   below if the above mechanism is not flexible enough to suit your needs.
- *   Note that you may define it to expand to nothing if you're happy to be
- *   notified about invalid parameters only in non-void functions, and have
- *   void function just silently return early on invalid parameters.
+ *   See the documentation of this macro later in this file.
  *
  * Uncomment to enable validation of application-controlled parameters.
  */
@@ -3062,7 +3060,9 @@
  *              which case you don't have to worry about declarations or
  *              definitions. However, you will then be notified about invalid
  *              parameters only in non-void functions, and void function will
- *              just silently return early on invalid parameters.
+ *              just silently return early on invalid parameters, which
+ *              partially negates the benefits of enabling
+ *              #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
  *
  * \param cond  The expression that should evaluate to true, but doesn't.
  */