Skip to content

Releases: ARMmbed/mbed-os

mbed-os-6.10.0

26 Apr 13:16
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.10.0 release is now available.

Summary

The main feature we are releasing is to introduce a new standard for the definition and usage of pin-names, with the goal of simplifying this for Mbed developers looking to port their code between development boards. We'll publish a blog providing more details shortly, and would like to publicly thank both Analog Devices and ST Microelectronics for their contributions and collaboration on these changes.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

Remove ownership/acquire in QSPI/OSPI driver

14437

Summary of changes

This PR removes the concept of peripheral acquisition and ownership in the QSPI driver. Its implementation is currently incomplete and undocumented, and has caused problems in some cases (see 11230 12678 12680).

Impact of changes

In cases where multiple instances of QSPI/OSPI are used with the same underlying peripheral, the QSPI/OSPI driver will no longer re-initialize the underlying peripheral to the appropriate configuration when switching instances. The application must call init when switching instances.

BLE: replace obsolete services with the new services repo

14436

Summary of changes

We are removing the old and broken ble services in favour of the external services repository.

Standard Pin Names

14381

Summary of changes

This PR introduces standard pin names for Mbed and migrates a number of ST targets to this standard. It also includes compliance testing tools based on static analysis and Greentea tests, and adds target markers to PinNames.h files so that they can be reliably matched to their corresponding target.

Implement polymorphism for DigitalIn/Out/InOut

13209

Summary of changes

In some IO-constrained applications, it is necessary to use a GPIO expander like the I2C-based MCP23008. To maintain compatibility with existing libraries that require a DigitalIn/Out/InOut handle, it would be beneficial to be able to subclass one of these classes and retarget the read/write, etc calls. This would enable an MCP23008 driver to provide DigitalOut-like objects that abstract away the intermediate I2C transfers. These objects can then be passed to older APIs using DigitalOut pointers.
For this to work properly, some of the DigitalIn/Out/InOut class methods must be made virtual. This PR accomplishes this.
I would encourage Mbed to consider "virtualizing" many of the other hardware drivers for similar use cases.
See #12387 for a similar discussion concerning retargetting Mbed's CAN API to an external SPI-based CAN controller/transceiver.

Impact of changes

None. This should not affect current users of these APIs in any functional way. Code size may be slightly increased due to the addition of virtual tables and new functions.

Migration actions required

None

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request tests and Nightly test, we also ran a nightly release test on mbed-os 6.10.0-RC1

Results for the tests we run in CI on mbed-os 6.10.0-RC1 (nightly):

  • Build Greentea ARMC6 - SOME FAILS (Issue: MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options)
  • Build Greentea GCC_ARM - ALL PASSED
  • Build Examples ARMC6 - ALL PASSED
  • Build Examples GCC_ARM - ALL PASSED
  • Build Cloud Examples ARMC6 - ALL PASSED
  • Build Cloud Examples GCC_ARM - ALL PASSED
  • Build CMAKE Examples ARMC6 - ALL PASSED
  • Build CMAKE Examples GCC_ARM - ALL PASSED
  • Build CMAKE Cloud Examples ARMC6 - ALL PASSED
  • Build CMAKE Cloud Examples GCC_ARM - ALL PASSED
  • Unittest Test matrix - ALL PASSED
  • GreenTea test matrix - ALL PASSED
  • Examples test matrix - ALL PASSED
  • CMAKE Examples test matrix - ALL PASSED
  • Exporter Test - SOME FAILS (Issue: IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler)
  • Cloud Client integration Test - ALL PASSED
  • Memory Usage Test - ALL PASSED

Toolchain Coverage

In the mbed OS 6.10.0 release. we are testing the following toolchains:

  • ARM compiler 6.15.0
  • GCC_ARM 9-2019-q4-major

Targets Coverage

In mbed OS 6.10.0, the compilation test targets scope has not changed and remains all mbed OS enabled targets.

At the time of the mbed-os 6.10.0 release, we run the greentea tests on the following targets:

  • ARM_MUSCA_S1
  • DISCO_L457VG_IOT01A
  • K64F
  • K66F
  • NRF52840_DK
  • NUCLEO_F429ZI
  • NUCLEO_F767ZI
  • NUCLEO_WB55RG
  • FPGAs on K64F, NRF52840_DK, NUCLEO_F429ZI, NUCLEO_F767ZI, NUCLEO_WB55RG, and DISCO_L457VG_IOT01A

We have the following issues on the test jobs:

  • MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options
  • IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler

Test Numbers

Greentea test number 1721 (+0)
Unittest number 742 (-1)

Code Coverage

Test Code Coverage been tracked and information is published on COVERALLS

Memory Monitoring

Observed no significant changes from mbed-os-6.9.0

Contents

Ports for Upcoming Targets

14259
Support STM Nucleo-G431RB

Fixes and Changes

14546
CMake: Fix mbed-802.15.4-rf driver

14545
examples: Deprecate mbed-os-example-bootloader

14543
Fix Unbuffered serial enable/disable issue on Cypress kits

14541
Increase baud rate of mbed-os-example-crash-reporting to 115200

14532
Make ticker computation use shift-by-0

[14529](http...

Read more

mbed-os-5.15.7

31 Mar 10:40
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 5.15.7 release is now available.

Summary

This is the latest support release from the Mbed OS 5.15 branch. This brings a number of important updates which include:

  • Adding support for MIMXRT1050_EVK enabling use with Pelion device management
  • Nanostack has been updated to version 12.8.0 (primarily containing bug fixes and stability improvements to the Wi-SUN protocol)
  • The Mesh API has been updated to replace new calls with a nothrow version
  • A new method 'set_mac_address' has been added that allows the application to set the MAC address on the interface

Please see below for the full list of changes.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

[mbed-os-5.15] Improve WisunInterface set_network_size docs

14443

Summary of changes

Clarify set_network_size usage and possible parameter values.
Clarify wisun-network-size help text in mbed-mesh-api/mbed_lib.json
This change is copied from: #14431

Add integer overflow check to the malloc wrappers

14408

Summary of changes

Backport of #14407
Add a check that the combined size of the buffer to allocate and alloc_info_t does not exceed the maximum integer value representable by size_t.

[mbed-os-5.15] Bring in MIMXRT1050_EVK changes from feature-wisun branch

14326

Summary of changes

Bring in MIMXRT1050_EVK related changes from the following pull requests made to feature-wisun branch:
PR #12562 (25 commits)
PR #12774 (6 commits)
PR #13063 (2 commits)
PR #13391 (2 commits)
PR #13526
PR #13569
PR #13927
These same changes are available in the Mbed OS master via PR: #14323
This PR ensures that target MIMXRT1050_EVK can be used with Pelion device management. Verified manually that pelion_border-router application (MIMXRT1050_EVK) connects to Pelion DM and other Wi-SUN nodes can connect to the Wi-SUN network.

[mbed-os-5.15] Added missing const qualifier to mesh ethernet mac addr get

14263

Summary of changes

Added missing const qualifier to mesh ethernet mac addr get. This corrects coverity warning.
This is mbed-os-5.15 version of: #14261

Impact of changes

None

Migration actions required

None

[mbed-os-5.15] Nanostack release v12.8.0

14170

Summary of changes

Nanostack release v12.8.0 to mbed-os-5.15 branch
This release contains bug fixes and stability improvements to the Wi-SUN protocol:

[mbed-os-5.15] travis: fix 3.5 test bug in attrs

14168

Summary of changes

pytest fetched newer attrs that caused an issue for python 3.5. We found few references with an error and they suggested to use 1.19 version.
This is copy of : #14108 to mbed-os-5.15 branch

[mbed-os-5.15] Corrected nanostack coverity warnings

14147

Summary of changes

Corrected nanostack coverity warnings.
This is mbed-os-5.15 version of:
#14146

Impact of changes

None

Migration actions required

None

[mbed-os-5.15] Fix mbed device-management command for Python 3.8

14057

Summary of changes

Bump the future module version to 0.18.0 to fix an ImportError present for Python 3.8:

ImportError: cannot import name 'splitattr' from 'urllib.request' (/usr/lib/python3.8/urllib/request.py)

The upstream issue for the future module -- PythonCharmers/python-future#447. Fixed in v0.18.0.
Fixes #14037.
Copied from master PR #14038

[mbed-os-5.15] Corrected Wi-SUN certificate add and remove functions on Wi-SUN interface

14046

Summary of changes

Corrected Wi-SUN certificate add and remove functions to work properly with .json certificates. .json certificates are used only if certificates added by add functions are not set. Corrected certificate add and remove functions to work properly and improved function descriptions.
This is mbed-os-5.15 version of: #14018

Impact of changes

None

Migration actions required

None

FIX: update cryptography version to 2.5 or later

14034

Summary of changes

Some cryptography dependency libraries not available anymore.
Update cryptography to version 1.5 or later for TravisCI installation to be passed

[mbed-os-5.15] Replaced new calls with nothrow version of the call on mesh api

13954

Summary of changes

Replaced new calls with nothrow version of the call.
This is mbed os 5.15 version of #13937

Impact of changes

None

Migration actions required

None

[mbed-os-5.15] Network interface MAC address set/get

13920

Summary of changes

Add method set_mac_address that Application can use to set MAC address to the interface.
Update get_mac_address to return MAC address correctly from EMAC.
This PR is copied from: #13902

Remove nanostack-border-router example from list of supported examples

13897

Summary of changes

Nanostack border router example is now owned by Pelion and has been moved out of the ARMmbed organisation. Thus this example needs to be removed from the supported examples on the 5.15 branch.

Impact of changes

This example will not be automatically updated when we make a 5.15 release and will not be tested in the Mbed OS CI.

Migration actions required

None

mbed-os-5.15: Add FLASH, FLASHIAP & bootloader support for VK_RZ_A1H board

13879

Summary of changes

Add FLASH , FLASHIAP , bootloader_supported support.
This is the 2-nd and last part of the planned target UPDATE mentioned here #13616 (The 1-st one is here #13639)

Known Issues

There are no new known issues with this release.

Contents

Ports for Upcoming Targets

Fixes and Changes

14443
[mbed-os-5.15] Improve WisunInterface set_network_size docs

14408
Add integer overflow check to the malloc wrappers

14326
[mbed-os-5.15] Bring in MIMXRT1050_EVK changes from feature-wisun branch

14263
[mbed-os-5.15] Added missing const qualifier to mesh ethernet mac addr get

14170
[mbed-os-5.15] Nanostack release v12.8.0

14168
[mbed-os-5.15] travis: fix 3.5 test bug in attrs

14147
[mbed-os-5.15] Corrected nanostack coverity warnings

14057
[mbed-os-5.15] Fix mbed device-management command for Python 3.8

14046
[mbed-os-5.15] Corrected Wi-SUN certificate add and remove functions on Wi-SUN interface

14034
FIX: update cryptography version to 2.5 or later

13954
[mbed-os-5.15] Replaced new calls with nothrow version of the call on mesh api

13920
[mbed-os-5.15] Network interface MAC address set/get

13897
Remove nanostack-border-router example from list of supported examples

13879
mbed-os-5.15: Add FLASH, FLASHIAP & bootloader support for VK_RZ_A1H board

Using this release

You can fetch this release from the mbed-os GitHub repository, using the tag "mbed-os-5.15.7".

If you need any help with this release please visit our support page, which provides reference links and details of our support channels.

mbed-os-6.9.0

18 Mar 15:23
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.9.0 release is now available.

Summary

The main new functionality delivered as part of this release is support for the current 1.2 version of the TF-M reference software provided by the Trusted Firmware project. TF-M is our recommended secure side software for a Platform Security Architecture-compatible MCU platform. You can find out more on the 1.2 features here: https://www.trustedfirmware.org/blog/tfm-v1-2-blog/

Both the Arm provided PSA platforms, the Musca B1 and Musca B2 have been updated to support this new version of TF-M.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

Fix Lora timer cancellation

14422

Summary of changes

Fix abusive use of LoRaWANTimer::stop. Events were cancelled even when they were being executed or after their execution.
This change reset the event ID to 0 before calling the callback.
A new API has been added to achieve this task: LoRaWANTimer::clear

CMake: support signing TF-M targets with post binary hooks

14361

Summary of changes

Changes:

  • Add a post binary hook to sign TF-M targets: mbed_post_build_tfm_sign_image() (should work for any TF-M v1.2+ targets with secure and non-secure images in separate MCUboot slots). This was refactored from the existing tools/targets/ARM_MUSCA.py.
  • Apply the signing hook to ARM_MUSCA_B1 and ARM_MUSCA_S1 targets.
  • Copy the signing keys to each target's own directory, as per the new tools' convention (the old key paths are kept for compatibility of CLI 1 - to be deleted eventually).

Impact of changes

Images built for Musca B1 and S1 with Mbed CLI 2 are now signed and able to run on the targets.

Migration actions required

None.

Update TF-M support to v1.2

14354

Summary of changes

This PR brings in all the changes to update trusted-firmware-m support from v1.1 to v1.2:

  • Mbed TLS 2.24.0 as required by TF-M v1.2
  • TF-M v1.2 targets: PSA APIs from TF-M
  • Support for ARM_MUSCA_B1 and ARM_MUSCA_S1 (configurations, bootloader binaries, secure binaries and signing scripts, etc.)
  • Continued availability of psa_set_key_enrollment_algorithm() - deprecated, included for backward-compatibility only, to be removed from future TF-M updates
  • Miscellaneous fixes to make sure all supported PSA targets work, see the commit history for details
  • Changes in the trusted-firmware-m (link) and tf-m-tests (link) repositories to enable Mbed OS integration. Note that some of the changes have been upstreamed.
    Just as before this update
  • CYTFM_064B0S2_4343W remains on TF-M v1.0, supporting mbed-os-example-psa but not mbed-os-tf-m-regression-tests. Any updates to this target are maintained by Cypress.
  • Mbed PSA (non-TF-M) targets (e.g. K64F) continue to support mbed-os-example-psa. Note that Mbed PSA's APIs currently lag behind these of TF-M.
    The following have been removed:
  • ARM_MUSCA_A as an Mbed target
  • Integration of TF-M v1.1 (replaced by v1.2)
  • <TARGET>_NS aliases for ARM_MUSCA_B1 and ARM_MUSCA_S1
    Not yet included in this PR, to be added in the very near future:
  • Image signing for ARM_MUSCA_B1 and ARM_MUSCA_S1 with Mbed CLI 2. Until we add this, please use Mbed CLI 1 for now.

Impact of changes

See the PR description for targets that are impacted.

Migration actions required

From the perspective of Mbed OS support, applications for ARM_MUSCA_B1 and ARM_MUSCA_S1 should continue to work as before.
A board running the TF-M v1.1 firmware should be able to update to the v1.2 firmware without resetting data (verified on Musca targets), though downgrading is not possible.
Any references to ARM_MUSCA_B1_NS and ARM_MUSCA_S1_NS as target names should be changed to have _NS removed from the names.

Add lw ip opttion for rdnss

14343

Summary of changes

Added Options to turn on RDNSS using from ICMPv6 Router Advertisements (RFC5006)
and output packet queueing.
Default setting in mbed_lib is the same as before and leaving features to be turned off.

Impact of changes

RDNSS option takes about 256 bytes of flash and each DNS entry needs 128 bytes of RAM.
Outgoing packet caching avoids dropping packets during MAC address resolution. Requires increased RAM size for lwIP.

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Tools: Error when running mbed test --compile/run list

  • Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
  • Workaround: None
  • Reported Issues: #8064
  • Priority: Major

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request tests and Nightly test, we also ran a nightly release test on mbed-os 6.9.0-RC1

Results for the tests we run in CI on mbed-os 6.9.0-RC1 (nightly):

  • Build Greentea ARMC6 - SOME FAILS (Issue: MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options)
  • Build Greentea GCC_ARM - ALL PASSED
  • Build Examples ARMC6 - ALL PASSED
  • Build Examples GCC_ARM - ALL PASSED
  • Build Cloud Examples ARMC6 - ALL PASSED
  • Build Cloud Examples GCC_ARM - ALL PASSED
  • Build CMAKE Examples ARMC6 - ALL PASSED
  • Build CMAKE Examples GCC_ARM - ALL PASSED
  • Unittest Test matrix - ALL PASSED
  • GreenTea test matrix - ALL PASSED
    • Sporadic failure for connectivity-netsocket-tests-tests-network-interface test suite is observed on hardware boards such as K64, K66F, NUCLEO_F429ZI, and NUCLEO_F767ZI. These are observed only for test performed againt our hardare lab. Tests are passing consistently on local boards. This is strongly believed to be an infra...
Read more

mbed-os-6.8.0

22 Feb 16:17
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.8.0 release is now available.

Summary

There is no major new functionality introduced as part of this release, but some of the enhancements we've made to extend BLE functionality have changed APIs, so as per semantic versioning, we've incremented the release version.

This release includes further changes for CMake support in Mbed OS and this now requires the mbed-tools version to be upgraded to 7.1.0 in order to function correctly.

The CMake changes are summarised below;

CMake: all Mbed OS targets contain CMakelists.txt
CMake: Post build hooks implemented (TF-M not yet supported)
CMake: CMake targets refactored to simplify custom targets creation

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

BLE: Add APIs to get characteristic authorization callbacks.

14257

Summary of changes

This change adds two APIs to query the registered callbacks in a characteristic.

BLE: Add API to test the presence of an event handler in a chain.

14256

Summary of changes

Add a function to test if a handler is present in an event chain.

Update EventQueue API to use chrono times

13975

Summary of changes

Main dispatch function is updated to take a Chrono duration instead of an integer milliseconds parameter.
To allow for the instances of blocking and non wait versions, which previously were actioned by passing either -1 or 0 as the millisecond delay respectively, two other functions are now available.
dispatch_once() - new
dispatch_forever() - internally modified from the original version but no change in functionality
Note without this fix EventQueue dispatch function is actually broken. Events may not be dispatched at all or in the worst case the chip will crash.

Impact of changes

This is an API change, affecting the following areas:

  • The parameter passed to the EventQueue.dispatch() function will now need to be a Chrono duration.
    E.g. '100ms'
  • The dispatch_forever() function has been changed internally but the API itself remains the same.
  • A new function, dispatch_once() has been added.

Migration actions required

The following migrations actions are required:

  • Calls to EventQueue.dispatch(int ms) will now need to be changed to use EventQueue.dispatch(chrono wait). This should be
    as simple as adding 'ms' to any passed literal value. E.g. '100' becomes '100ms'. Variables passed in will need to be explicitly
    converted.
  • Calls to EventQueue.dispatch(-1) should used EventQueue.dispatch_forever()
  • Calls to EventQueue.dispatch(0) should used EventQueue.dispatch_once()

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Tools: Error when running mbed test --compile/run list

  • Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
  • Workaround: None
  • Reported Issues: #8064
  • Priority: Major

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request tests and Nightly test, we also ran a nightly release test on mbed-os 6.8.0-RC1

Results for the tests we run in CI on mbed-os 6.8.0-RC1 (nightly):

  • Build Greentea ARMC6 - SOME FAILS (Issue: MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options)
  • Build Greentea GCC_ARM - ALL PASSED
  • Build Examples ARMC6 - ALL PASSED
  • Build Examples GCC_ARM - ALL PASSED
  • Build Cloud Examples ARMC6 - ALL PASSED
  • Build Cloud Examples GCC_ARM - ALL PASSED
  • Build CMAKE Examples ARMC6 - ALL PASSED
  • Build CMAKE Examples GCC_ARM - ALL PASSED
  • Unittest Test matrix - ALL PASSED
  • GreenTea test matrix - ALL PASSED
  • Examples test matrix - ALL PASSED
  • CMAKE Examples test matrix - ALL PASSED
  • Exporter Test - SOME FAILS (Issue: IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler)
  • Cloud Client integration Test - ALL PASSED
  • Memory Usage Test - ALL PASSED

Toolchain Coverage

In the mbed OS 6.8.0 release. we are testing the following toolchains:

  • ARM compiler 6.15.0
  • GCC_ARM 9-2019-q4-major

Targets Coverage

In mbed OS 6.8.0, the compilation test targets scope has not changed and remains all mbed OS enabled targets.

At the time of the mbed-os 6.8.0 release, we run the greentea tests on the following targets:

  • ARM_MUSCA_S1
  • DISCO_L457VG_IOT01A
  • K64F
  • K66F
  • NRF52840_DK
  • NUCLEO_F429ZI
  • NUCLEO_F767ZI
  • NUCLEO_WB55RG

We have the following issues on the test jobs:

  • MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options
  • IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler

Test Numbers

Greentea test number 1675 (+0)
Unittest number 743 (+0)

Code Coverage

Test Code Coverage been tracked and information is published on COVERALLS

Memory Monitoring

No observed changes from mbed-os-6.7.0

Contents

Ports for Upcoming Targets

14207
Adding NUCLEO_WL55JC support

13979
Support for ST STM32 NUCLEO-G431KB Development Board

Fixes and Changes

14289
CMake: Refactor Cypress targets

14286
CMake: remove workaround for targets prior refactor

14284
CMake Arm SSG: refactor CMake targets

14282
CMake: Refactor Nuvoton targets

14281
CMake: refactor GigaDevice targets

14280
CMake: Refactor WIO_EMW3166 support

14279
CMake: Refactor Silicon Laboratories targets

[14277](https://github.com/ARMmbed/...

Read more

mbed-os-6.7.0

28 Jan 14:04
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.7.0 release is now available.

Summary

There is no major new functionality introduced as part of this release, but some of the enhancements we've made to existing functionality have changed APIs, so as per semantic versioning, we've incremented the release version.

The full details are below but in summary we've introduced the following changes;

  • Further evolved the Mbed CLI 2 tools by adding support to build greentea tests using CMake
  • Added the Arduino Portenta H7 as a supported target
  • Add support for the ST Microelectronis BlueNRG_2 BLE Component

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

CMake: Add CMake support for netsocket greentea test

14101

Summary of changes

  • Added CMakeLists.txt file to every test suite under the netsocket test so that it can build via CMake command

CMake: Add CMake support for events greentea test

14095

Summary of changes

  • Added CMakeLists.txt file to every test suite under the events so that it can build via CMake command

CMake: Add CMake support for rtos greentea test

14094

Summary of changes

  • Added CMakeLists.txt file to every test suite under the rtos so that it can build via CMake command

CMake: Add Support for hal greentea test

14093

Summary of changes

  • Added CMakeLists.txt file to every test suite under the hal so that it can build via CMake command

Update events period method to check for invalid values

14087

Summary of changes

The period method currently allows any ms value:
positive, negative and zero.
A negative value means dispatch a non periodic event. ie just once.
0 is unspecified behaviour.
This commit forces the user to use either positive periods or a new constant, non_periodic
and should any other value be provided will default to non_periodic.
A Greentea test case is also provided to check this works as
expected.
I'm classifying this as a feature change rather than major because allowing a zero value was actually a bug.

Impact of changes

If the user provides a 0 value this will now behave differently. Previously it would have run for a period of
time as if this was an indefinite event before eventually (with a timer wrap) have unspecified behaviour.
Now the event period will default instead to non periodic.
To specify a non periodic event a user could previously use any negative value. Whilst this will still work (due a default
being set on invalid values), the user is encouraged to use the new constant, 'non_periodic' to show that this is what was
intended.

Migration actions required

Use periods that are > 0ms or non_periodic constant.

CMake: Add CMake to platform greentea test

14072

Summary of changes

  • Added CMakeLists.txt file to every test suite under the platform so that it can build via CMake command
  • Added the CMake Macro mbed_greentea_cmake_macro with configurable arguments TEST_NAME, TEST_INCLUDE_DIRS, TEST_SOURCES, TEST_REQUIRED_LIBS so that it can be used across all the greentea test suite by passing their includes, sources required libraries.
  • Added CMake macro MBED_BAREMETAL_GREENTEA_TEST which can ON/OFF via CMake command-line argument at the configuration time to select/unselect baremetal greentea test

CMake: Create mbed-greentea library

14061

Summary of changes

The greentea framework provides all the infrastructure for the test suite to execute in the target like greentea-client, unity, utest so created the mbed-greentea interface library which binds all these framework sources, and all the test suite needs to add mbed-greentea lib into their target_link_library

CMake: Add CMake to drivers greentea test

14060

Summary of changes

  • Added CMakeLists.txt file to every test suite under the mbed_drivers so that it can build via CMake command

Add std::span implementation for cxxsupport

13881

Summary of changes

Adds std::span implementation to cxxsupport folder in namespace mstd.
See discussion in #13868.

Add Arduino Portenta H7 as target

13826

Summary of changes

This PR series introduces the support for Arduino Portenta H7 .
The patchset has been split into independent PRs for an easier review.

Impact of changes

Except the standalone TARGET_PORTENTA* content, some other files have been touched (all of them in separate commits).
In particular, COMPONENT_WHD has been made generic (any mbed target implementing SERIAL_FC can now compile it) but this could impact PSOC6 targets which used to configure it via Cypress HAL.

Support to BlueNRG_2 BLE component

13246

Summary of changes

Add support to BlueNRG_2 BLE Component

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Tools: Error when running mbed test --compile/run list

  • Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
  • Workaround: None
  • Reported Issues: #8064
  • Priority: Major

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request test and Nightly test, we also ran a branch test on mbed-os 6.7.0-RC1

Results for the tests we run on CI (PR, Nightly, Branch):

  • Build Greentea ARMC6 - SOME FAILS (Issue: MBEDOSTEST-1163 - ARMC6 Failed to buil...
Read more

mbed-os-6.6.0

16 Dec 17:38
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.6.0 release is now available.

Summary

There is no major new functionality introduced as part of this release, but some of the enhancements we've made to existing functionality have changed APIs, so as per semantic versioning, we've incremented the release version.

The full details are below but in summary we've introduced the following changes;

  • BLE update to the GATT API to better reflect what the specification define
  • Add a method to allow an application to set or get the MAC address for Wi-SUN
  • Restructuring of KVStore to better support the bare metal profile
  • Enhancements to printing floating point values
  • Improved memory and performance for ticker support

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

Update GattAuthCallbackReply_t enumeration.

14014

Summary of changes

Add missing values that are present in pal::AttErrorResponse.
This allows applications to use correct ATT error codes.
The values have been changed to reflect what is actually defined in the specification. The 0x01 was a leftover from softdevice's days.

Network interface MAC address set/get

13936

Summary of changes

Add method set_mac_address that Application can use to set MAC address to the interface.
Update get_mac_address to return MAC address correctly from EMAC.
This PR is copied from: #13902

Restructure KVStore to one library per store type

13908

Summary of changes

Fixes: #13657
Mutually depends on: ARMmbed/mbed-os-example-kvstore#60
In #13307 we combined multiple KVStore types (TDBStore, FileSystemStore) and the global API into one library, kv-global-api. This is inconvenient for users of bare metal: if they only want one store type, they need to add dependencies for other unused types and the global API to "requires". This becomes cumbersome as FileSystem has many dependencies.
This PR restructures KVStore to follow the same logic of BlockDevice: declare the interface at the top level, and treat each type/implementation as a "sub-" library. Users only need to enable the interface + the type they need. So each of the following is a library (containing mbed_lib.json):

  • storage/kvstore: KVStore interface
  • storage/kvstore/tdbstore: TDBStore : KVStore class
  • storage/kvstore/filesystemstore: FileSystemStore : KVStore class
  • storage/kvstore/securestore: SecureStore : KVStore class
  • storage/kvstore/kvstore_global_api: optional API to globally manage instances of KVStore, containing kvstore_global_api functions and KVMap which is a helper class for the global API
  • storage/kvstore/kvconfig: configurations
    Greentea and unit tests have also been moved into subdirectories of corresponding KVStore types.
    Note: The CMake support for KVStore has not been componentised yet - compilation with CMake still brings in all the unused types and dependencies, because everything is under one mbed-storage-kvstore target. Hopefully the CMake team will later componentise each type of KVStore into mbed-storage-kvstore-<type>. similar to what they've already done for BlockDevices. @0xc0170 (Update: required CMake changed included in this PR)

Impact of changes

Users can enable one type of KVStore (e.g. TDBStore) without having to bring in dependencies for unused types of KVStore.

Migration actions required

For a bare metal application, add "kvstore" and the type of KVStore to use (e.g. "tdbstore") to "requires" in mbed_app.json. Note that the KVStore interface library is "kvstore", not "kv-global-api" which now contains only the global API.
To use CMake (full profile and bare metal profile): Add the TDBStore sub-component you need (e.g. mbed-storage-tdbstore) and dependencies (e.g. TDBStore requires mbed-storage-blockdevice) to your app's CMakeLists.txt.

Add width modifier and prepending zeros for hexadecimal output and decimal precision for floating point

13548

Summary of changes

Added width modifier and prepend zeros if the width modifier is given feature to printing integer, hexadecimal and floating point values. So e.g. printf("%04X", i); works now the same as the std version.
Added precision specifier for printing floating point values, as it already existed for strings. If no precision specifier is given MBED_CONF_PLATFORM_MINIMAL_PRINTF_SET_FLOATING_POINT_MAX_DECIMALS will be used.
This PR also fixes #13783.

Impact of changes

Prepending zeros and width modifier work with integer, hexadecimal and floating point values when using minimal_printf.
Also the precision modifier works for floating point variables. If no precision specifier is given MBED_CONF_PLATFORM_MINIMAL_PRINTF_SET_FLOATING_POINT_MAX_DECIMALS is used.

Optimise mbed_ticker_api.c

12897

Summary of changes

The generic code in mbed_ticker_api.c uses run-time polymorphism to handle different tickers, and has generic run-time calculations for different ticker widths and frequencies, with a single special-case for 1MHz.
Extend the run-time special casing to handle any conversion cases where either the multiply or divide can be done as a shift. This is a speed optimisation for certain platforms.
Add a new option target.custom-tickers. If turned off, it promises that only USTICKER and LPTICKER devices will be used. This then permits elimination and/or simplification of runtime calculations, saving size and speed. If either both USTICKER and LPTICKER have the same width, or the same period numerator or denominator, or only one of them exists, then operations can be hard-coded. This is a significant ROM space saving, and a minor speed and RAM saving.
We get to optimise all the calculations, but the run-time polymorphism is retained even if there is only one ticker, as it doesn't significantly affect code size versus direct calls, and the existence of
lp_ticker_wrapper and various us_ticker optimisations requires it, even if only LPTICKER is available.

Impact of changes

  • Targets should make an effort to define the new LP_TICKER_XXX defines to help the optimisation kick in.

Migration actions required

None

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
    ...
Read more

mbed-os-6.5.0

23 Nov 16:28
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.5.0 release is now available.

Summary

The Mbed team are delighted to introduce the foundations of our new command line build tools, which use CMake to configure the build artifacts and, we hope, significantly improve the build experience for Mbed developers. These tools are still being refined and developed, but the basics are now available and will co-exist alongside the existing Mbed CLI tools for the time being. We'd really appreciate feedback from Mbed users on these tools as we want to ensure Mbed developers are seeing value in them.

The new tools can be found here .

We've also added some changes to how the Cordio BLE stack is configured to work with Nordic targets.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

Update NRF ble configuration options

13910

Summary of changes

This allows for changes to the buffers allocated in NRFCordioHCIDriver.cpp. Since the amount of buffers can be configured using the mbed_app.json it is only natural to also configure the buffer sizes that go with the number of buffers.
I also removed the confusing configuration settings used only by the NRF52840 which overruled other settings made by the cordio-ll config.

Impact of changes

No functionality change, only configuration changes

Migration actions required

All the default settings remained the same and if no custom configuration is used in mbed_app.json the no actions are required.
If you use the NRF52840 and have overruled any of the following settings you may need to change:

  • "cordio-ll-nrf52840.phy-coded-support" into "cordio-ll.phy-coded-support"
  • "cordio-ll-nrf52840.extended-advertising-size" into "cordio-ll.extended-advertising-size"
  • "cordio-ll-nrf52840.max-acl-size" into "cordio-ll.max-acl-size"
  • "cordio-ll-nrf52840.tx-buffers" into "cordio-ll.tx-buffers"

CMake: Add initial support

13566

Summary of changes

Addition of CMake modules and input source files to configure the project and generate the scripts needed by the build systems (tested with Unix Makefiles and Ninja) to build Mbed OS as a library. Mbed OS is built as collection of all libraries supported by a given target.
There are two main targets: mbed-os and mbed-baremetal. The rest of the components in the Mbed OS repository are targets prefixed with mbed-, for example mbed-ble and mbed-netsockets.
Even though this is still under development. This PR was raised as the current state does not affect builds of the OS with the traditional tools (Mbed CLI, Online compiler, Mbed Studio).
For current state of development, supported targets, supported toolchains, known issues, and build steps, see "Documentations" section below.

Impact of changes

Adding/removing source files or subdirectories requires adding or updating CMake input source files as all source files are listed in them.

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Tools: Error when running mbed test --compile/run list

  • Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
  • Workaround: None
  • Reported Issues: #8064
  • Priority: Major

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request test and Nightly test, we also ran a branch test on mbed-os 6.5.0-RC1

Results for the tests we run on CI (PR, Nightly, Branch):

  • Build Greentea ARMC6 - SOME FAILS (Issue: MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options In Progress)
  • Build Greentea GCC_ARM - ALL PASSED
  • Build Examples ARMC6 - ALL PASSED
  • Build Examples GCC_ARM - ALL PASSED
  • Build Cloud Examples ARMC6 - ALL PASSED
  • Build Cloud Examples GCC_ARM - ALL PASSED
  • Build CMAKE example ARM - ALL PASSED
  • Build CMAKE example GCC_ARM - ALL PASSED
  • Unittest - ALL PASSED
  • Greentea Test - SOME FAILS (Some tests in K66F have failed due to unavailability of properly configured boards in farm.)
  • Example Test - ALL PASSED
  • CMAKE Example Test - ALL PASSED
  • Exporter Test - SOME FAILS (Issue: IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler Open)
  • Cloud Client integration Test - ALL PASSED
  • Memory Usage Test - ALL PASSED

Toolchain Coverage

In the mbed OS 6.5.0 release. we are testing the following toolchains:

  • ARM compiler 6.14.0
  • GCC_ARM 9-2019-q4-major

Targets Coverage

In mbed OS 6.5.0, the compilation test targets scope has not changed and remains all mbed OS enabled targets.

Greentea test targets have been changed slightly:

At the time of the mbed-os 6.5.0 release, we run the greentea tests on the following targets:

  • NRF52840_DK
  • K66F - Please note as highlighted above that this platform is considered unstable at this stage.
  • K64F
  • NUCLEO_F429ZI
  • NUCLEO_F767ZI
  • NUCLEO_WB55RG

We have the following issues on the test jobs:

  • MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options In Progress
  • IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler Open

Test Numbers

  • Greentea test number 1674 (+179)
  • Unittest number 741 (+0)

Code Coverage

Test Code Coverage been tracked and information is published on COVERALLS

Memory Monitoring

No observed change from mbed-os-6.4.0

Contents

Ports for Upcoming Targets

Fixes and Changes

13910
Update NRF ble configuration options

13905
STM32L4: ADC compilation issue with L422

13904
CMake STM32L475xG: fix linker/startup inclusion

13900
mergify: fix travis rename check

13895
CMake: Fix error that prevent...

Read more

mbed-os-5.15.6

10 Nov 17:30
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 5.15.6 release is now available.

Summary

This is the latest support release for the Mbed OS 5.15 branch. It contains a number of important fixes including:

  • Nanostack release v12.6.0
  • Improvements to WiSUN functionality
  • Mbed CoAP updated to v5.1.8

The full list of changes can be viewed below.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

mbed-os-5.15: Add initialization to radius retry values

13775

Summary of changes

This corrects uninitialized scalar field coverity warning.
This is Mbed OS 5.15 version of #13740

mbed-os-5.15: Add initialization check to RADIUS ipv6 address

13774

Summary of changes

Added initialization check to RADIUS ipv6 address that prevents the border router from printing unnecessary error trace
when RADIUS is not enabled.
This is Mbed OS 5.15 version of:
#13588

M2354: Upgrade to BSP v3.00.001 (5.15)

13770

Summary of changes

This PR upgrades BSP to v3.00.001 to support MP chip.

Impact of changes

NuMaker-M2354 Ver 1.0 (test chip) gets unsupported. This doesn't do big impact because it is internal only. NuMaker-M2354 Ver 1.1 (MP chip) will be the official one with this upgrade.

mbed-os-5.15: Add APIs for Device min sense and CCA threshold table

13758

Summary of changes

-Added get, set and validate API for device min sens.
-Added get API for CCA threshold table.
Bring in changes from feature-wisun #13521 to mbed-os-5.15 branch.

Nuvoton: Enable fault handler dump message on CM23 targets (5.15)

13739

Summary of changes

This PR is backport of #13738 to mbed-os-5.15 branch. It enables fault handler dump message on Nuvoton's CM23 targets:

  • NU_PFM_M2351
  • NUMAKER_IOT_M263A
  • NUMAKER_IOT_M252

mbed-os-5.15: Add certificate remove before add to wisun tasklet

13736

Summary of changes

This prevents tasklet from adding own certificates multiple times to Nanostack in case bootstrap is made again.
This is mbed-os-5.15 version of #13608

mbed-os-5.15: Enable Nanostack DNS cache usage

13735

Summary of changes

Enable usage of Nanostack DNS cache. The cache may contain DNS server address and DNS query results.
Inherit methods gethostbyname, gethostbyname_async and get_dns_server to Nanostack class.
Methods will try to find DNS server address or DNS query results from Nanostack DNS cache.
These same changes are available in:

mbed-os-5.15: Nanostack release v12.6.0

13719

Summary of changes

Nanostack release v12.6.0 to feature-wisun branch.
This release contains improvements to the Wi-SUN protocol functionality.
These same changes are also available in feature-wisun branch: #13716, and in master: #13718

mbed-os-5.15: Mesh interface global up is indicated always on bootstrap ready

13715

Summary of changes

This indicates e.g. to client that IP address has changed or connection
to network has been established.
This is mbed-os 5.15 version of #13666

mbed-os-5.15: Nuvoton: Fix NuMaker I2C timeout

13709

Summary of changes

This PR is to fix I2C timeout measurement for NuMaker platforms instead of hardcode max timer count on OS-5.15 branch.
The same commit got approval in PR #13679 on OS-6.x master branch.

adapting to new s3 bucket location in travis.yml

13696

Summary of changes

Travis CI uses compilers and other binaries like astyle. These are stored in S3 bucket currently owned by ISG and mbed-os-ci is switching to OSS. This PR adapts the S3 location changes from ISG to OSS for travis CI builds.

TEST: Extend the kvstore test time out to 120s

13693

Summary of changes

Extend the kvstore test time out to 120s, due to this test might take longer time to run on larger size SD card

K82F, KL82Z: Fix the I2C SDK driver slave transfer

13661

Summary of changes

If multiple bytes are send from slave to master, slave is wrongly performing stop signal what brakes communication for 11ms because bus is still active. Slave shouldn't do any Start or Stop signal

Fix STM32H747 Arduino pinout

13652

Summary of changes

Changing Pin Names for Arduino header on STM32H747

M2351: Support GCC and IAR

13643

Summary of changes

This PR is backport of #12353 and #12366 to mbed-os-5.15 branch. It has the following modifications on M2351:

  1. Enable GCC support on non-PSA non-secure target
  2. Enable IAR support on non-PSA non-secure target
  3. Refactor for above toolchain support
  4. Other minor fix
    NOTE1: Disable GCC support on secure targets because of GCC bug (as of 9-2019-q4-major): In non-secure entry function, callee-saved registers must be restored, but they are incorrectly cleared at optimization level Os.
    NOTE2: Disable IAR on secure targets because of IAR toolchain bug (as of IAR 8.32): cmse_nonsecure_caller() is not always inlined.

Add SD, USBDEVICE & LPTICKER support for VK_RZ_A1H board.

13639

Summary of changes

Add SD , USBDEVICE , LPTICKER support.
Some of the files are synced with the other Renesas boards. VK_RZ_A1H ones are a bit old, especially the linker script files!

Impact of changes

SD feature requires an external lib !

Migration actions required

Projects using the SD feature, should include SDHI.

Update Mbed CoAP to v5.1.7

13606

Summary of changes

Update Mbed CoAP to v5.1.7.

  • Removed comparison of IP addresses when validating message resending. This avoids unnessary network errors due to load balancers causing frequent IP address changes.
  • Multiple fixes for out-ouf-bounds memory accesses, a memory leak and an infinite loop condition in packet parser.
  • Mapped MBED_CONF_MBED_CLIENT_RECONNECTION_COUNT Pelion Device Management Client configuration option to SN_COAP_RESENDING_MAX_COUNT in mbed-coap.
  • Fix the token from blockwise ACK message to be empty if the received message doesn't have one.

Fix for linker issue in AdBun-M066

13578

Summary of changes

Linker issue:
The hardcoded __initial_sp from the startup file of AdBun-M066 (startup_TMPM066.S) has been removed.
The initial stack pointer value ARM_LIB_STACK has been imported from the scatter file of AdBun-M066 (tmpm066fwug.sct).
As per scatter file of AdBun-M066,
initial stack pointer = 0x200000C0 + 0x4000 : 0x200040C0 (which is beyond the RAM of AdBun-M066)
So, Stack pointer must be initialized to =
RAM starting address + Size of RAM = 0x20000000 + 0x4000 (16KB)

mbed-os-5.15: Add external RADIUS server configuration to Wi-SUN Border Router

13576

Summary of changes

Added configuration functions and .json configuration options for:

  • external RADIUS server IPv6 address
  • RADIUS shared secret.
  • RADIUS client retry trickle timer configuration. This can be used to set how fast
    the RADIUS client retries Access-Request messages to RADIUS server in case reply
    from server is not received.
    This combines following RADIUS configuration pull requests from feature-wisun:
    #13412
    #13517
    #13530

[mbed-os-5.15] Nanostack release v12.5.0

13559

Summary of changes

Nanostack v12.5.0 contains bug fixes and stability improvements to the Wi-SUN protocol stack.
Also 802.15.4.RF RF drivers have been updated to match functionality in Nanostack:

  • Atmel RF driver to v3.3.2
  • STM S2LP driver to v1.0.7
    These same changes are available in feature-wisun branch in PR: #13550

Nuvoton: Fix degrading QSPI to SPI (5.15)

13537

Summary of changes

Same as #13536 but backport to mbed-os 5.15, this PR tries to fix logic with degrading QSPI to SPI. In most cases, we can control degraded QSPI H/W to standard through BSP SPI driver directly as if it is just SPI H/W. However, BSP SPI driver distinguishes among SPI H/W instances in functions:

  • SPI_Open...
Read more

mbed-os-6.4.0

21 Oct 17:07
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.4.0 release is now available.

Summary

This release contains significant changes to how Mbed supports BLE privacy, addressing issues some users may have seen when pairing a device running Mbed with either Android or iOS.

We've also updated the Mbed COAP implementation to v5.1.8.

Finally, we've made some further improvements to the WiSUN stack to address issues raised by both internal and external testing.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

BLE: Introduce ChainableEventHandler and subclasses

13734

Summary of changes

Requires #13727 to be merged first
Merged #13727 since this PR is closely tied to it.
Introduces a ChainableEventHandler base class that is essentially a singly-linked-list of EventHandlers along with two subclasses:

  • ChainableGattServerEventHandler that enables chaining together GattServer::EventHandlers
  • ChainableGapEventHandler that enables chaining together Gap::EventHandlerss
    The ChainableGattServerEventHandler class allows an application to register separate event handlers (eg: for different services that need to handle GattServer events) and then set the global GattServer::setEventHandler to the instance of ChainableGattServerEventHandler with all registered GattServer::EventHandlers.
    The ChainableGapEventHandler accomplishes that same as above for Gap:EventHandler implementations.
    Common functionality has been split off into ChainableEventHandler.
    See #13728 for discussion around this implementation.

Impact of changes

None

Migration actions required

None

Feature ble host privacy

13717

Summary of changes

This PR reimplements Bluetooth privacy for all type of Bluetooth controllers (4.0 to 5.2).
As soon as privacy is enabled, a private address is used to advertise, scan or initiate connection and peers resolvable addresses are resolved if a bond with matching IRK is found in the security database.
This should solve most of the pairing issues observed on Android and iOS where the local device is not able to retrieve a previous bond.
Internally there is two implementations of the address resolution:

  • Host based where the software compute if the address is known or not
  • Controller based where the Bluetooth controller resolves automatically addresses received during advertising or scan.
    New configurations flags have been added to select at compile time the implementation to use:
  • ble-gap-host-based-private-address-resolution Forces the system to use host based resolution
  • ble-gap-host-privacy-resolved-cache-size Indicate how many entries must be booked for the host based resolution cache.
    This PR is the result of the following PRs merged on the feature branch
  • Privacy feature configuration: #13662
  • Force device mode for LL resolution: #13689
  • Privacy enable event emission : #13680
  • Improvement of Secure DB entry retrieval: #13660 and #13658
  • Force identity address to be static: #13622
  • Local private address management: #13582 and #13560
  • Peer private address management: #13630 and #13685:
  • Fixes: #13656 and #13670
  • Notification when advertising start or stop: #13706

Impact of changes

Existing applications should not have anything to change regards to calls to privacy APIs as this PR enables it for all type of controllers and not just resolution when supported by the hardware.
The advertising state was showing up as enabled as soon as the function startAdvertising was called. This is was not correct as it wasn't reflecting the reality of operations. The state is now modified when advertising is actually active. Two new events have been added to Gap::EventHandler to catch the change of advertising state.

Add mutiple push and pop for circular buffer

13563

Summary of changes

Add functions to circular buffer to allow pushing and popping multiple items at a time.

Add OSPI driver to support the Octa mode of Macronix octaflash MX25LM51245G

12644

Summary of changes

Update PR #12619.
Add OSPI HAL driver and OSPIF block device driver for using Macronix octaflash MX25LM51245G.
ST Octo-SPI was ported on QSPI MBED API, but we can only use in SPI mode and the Octo mode is not supported. So, we add OSPI driver to enable Octo mode to improve read and write performance.

Impact of changes

Enable the octa mode of MX25LM51245G.

Migration actions required

N/A

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Tools: Error when running mbed test --compile/run list

  • Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
  • Workaround: None
  • Reported Issues: #8064
  • Priority: Major

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request test and Nightly test, we also ran a branch test on mbed-os 6.4.0-RC1

Results for the tests we run on CI (PR, Nightly, Branch):

  • Build Greentea ARMC6 - SOME FAILS
  • Build Greentea GCC_ARM - ALL PASSED
  • Build Examples ARMC6 - ALL PASSED
  • Build Examples GCC_ARM - ALL PASSED
  • Build Cloud Examples ARMC6 - ALL PASSED
  • Build Cloud Examples GCC_ARM - ALL PASSED
  • Unittest Test matrix - ALL PASSED
  • GreenTea test matrix - ALL PASSED
  • Examples test matrix - ALL PASSED
    *...
Read more

mbed-os-6.3.0

16 Sep 15:28
Compare
Choose a tag to compare

We are pleased to announce the Mbed OS 6.3.0 release is now available.

Summary

This release contains additional cloud connectivity integrations with examples of how to use Microsoft Azure IoT and Google Cloud IoT with Mbed OS.

We also release a new BLE integration test suite that allows both hardware vendors and developers the ability to run BLE tests as part of their development efforts.

Further changes are made to the Mbed directory structure as we prepare the code base for the new build tools we are developing.

Support is added for the Arm Musca-S1 platform, a collaboration between Arm and Samsung Foundry to create the industry’s 1st PSA Certified Arm-based Smart IoT Device demonstrator enabling secure eMRAM-enabled Root of Trust (RoT) and secure Root of Execution (RoE) IoT Device services.

Migration Guide

This section lists specific changes which are part of this release and may
need special attention.

Add RADIUS configuration options to Wi-SUN

13573

Summary of changes

Added support for external RADIUS server configuration to Wi-SUN Border Router.
Added configuration functions and .json configuration options for:

  • external RADIUS server IPv6 address
  • RADIUS shared secret.
  • RADIUS client retry trickle timer configuration. This can be used to set how fast
    the RADIUS client retries Access-Request messages to RADIUS server in case reply
    from server is not received.
    This combines following RADIUS configuration pull requests from feature-wisun:
    #13412
    #13517
    #13530

Impact of changes

None

Migration actions required

None

Fix pwm out resets after suspend

13492

Summary of changes

Fixed a Problem where PwmOut resets settings after suspend.
The problem is described here: #13480

Impact of changes

Fixes: #13480

Known Issues

We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.

For more information about an issue, contact us on the forum.

TLS: IP addresses in the X.509 certificate subjectAltNames

  • Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a BADCERT_CN_MISMATCH error is returned.
  • Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
  • Reported Issue: Issue reported by a customer in email.
  • Priority: MAJOR

TLS: Mismatch of root CA and issuer of CRL not caught

  • Description: The x509_crt_verifycrl() function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate.
  • Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to x509_crt_verifycrl().
  • Reported Issue: Reported by a partner.
  • Priority: MAJOR

TLS: Self Test Failure with Some Hardware Accelerators

  • Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
    All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines.
  • Workaround: There are no known workarounds.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

TLS: Hardware-accelerated hash creates CBC padding oracle in TLS

  • Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
  • Workaround: Keep MBEDTLS_SSL_ENCRYPT_THEN_MAC enabled in mbedtls/config.h and enable the Encrypt-then-MAC extension (RFC7366) on the peers side.
  • Reported Issue: Reported by the development team.
  • Priority: MAJOR

Crypto: Mbed OS ATECC608A example fails to build with IAR

  • Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
  • Workaround: Use a different toolchain, like GCC_ARM.
  • Reported Issue: MicrochipTech/cryptoauthlib#116
  • Priority: Minor

Tools: Error when running mbed test --compile/run list

  • Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
  • Workaround: None
  • Reported Issues: #8064
  • Priority: Major

Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0

  • Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
  • Workaround: The workaround is to use other compilers.
  • Reported Issue: IOTTHD-3898
  • Priority: Major

Test Report

Release automated CI test

In addition to regular Pull Request test and Nightly test, we also ran a branch test on mbed-os 6.3.0-RC2

Results for the tests we run on CI (PR, Nightly, Branch):

  • Compilation tests: ARMC6 - SOME FAILS
  • Compilation tests: GCC_ARM - ALL PASSED
  • Unittest - ALL PASSED
  • Greentea Test - SOME FAILS
  • Example Test - ALL PASSED
  • Exporter Test - SOME FAILS
  • Cloud Client integration Test - ALL PASSED
  • Memory Usage Test - ALL PASSED
  • Wisun Mesh Test - ALL PASSED

We have the following issues on the test jobs:

  • IOTCORE-1717 - ARMC6 Failed to build mbed OS with LTO options
  • IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler
  • IOTSTOR-1032 - NUCLEO_F767ZI failed with features-storage-tests-kvstore-general_tests_phase_1&2
  • MBOTRIAGE-2756 - CY8CPROTO_062_4343W failed at cordio-tests-cordio_hci-driver Greentea Test
  • IOTPAN-662 - NUCLEO_F303RE targets failed in nightly test with WIFI-SCAN test

Test Numbers

  • Greentea test number 1495 (+0)
  • Unittest number 735 (+0)

Toolchain Coverage

In the mbed OS 6.2.0 release. we are testing the following toolchains:

  • ARM compiler 6.14.0
  • GCC_ARM 9-2019-q4-major

The following toolchains have been dropped since the mbed OS 5.15.0 release

  • ARM compiler 5.06 update 6
  • IAR 8.42

Targets Coverage

In mbed OS 6.3.0, the compilation test targets scope has not changed and remains all mbed OS enabled targets.

Greentea test targets have been changed slightly:

At the time of the mbed-os 6.3.0 release, we run the greentea tests on the following 8 targets:

  • NRF52840_DK
  • DISCO_L457VG_IOT01A
  • K64F
  • K66F
  • NUCLEO_F411RE
  • NUCLEO_F429ZI
  • NUCLEO_F767ZI
  • CY8CPROTO_062_4343W

Coverity

The number of total issues increased from 92 to 108, and high impact issues increased from 35 to 49.
This is thought to be mainly caused by the restructuring of the mbed-os folders.

Code Coverage

Test Code Coverage been tracked and information is published on COVERALLS

Memory Monitoring

No change from mbed-os-6.2.0

Contents

Ports for Upcoming Targets

13538
Ambiq AMA3B1KK and SparkFun Artemis Boards Target Update

13509
Adding STM32L071xx target

13196
Add ARM_MUSCA_S1 as a new target platform

13006
NUCLEO_G031K8: Add new target

Fixes and Changes

13594
PSA - Generate root of trust before accessing kvstore

13592
Add test examples.json config for Azure and Google Cloud

13587
MCU_STM32G031xx : decrease boot-stack-size

13584
Revert "Always build both .hex and .bin files"

13583
STM32: correct few Arduino pins value

13580
TEST: Update example scripts for cmake feature

13579
double negation fixed and ifs normalised

13574
Fix a typo in PeripheralPins.c for EFM32GG11

13573
Add RADIUS configuration options to Wi-SUN

13572
STM32H7 ADC: clock selection lost after deepsleep

...

Read more