mbed-os-6.2.0
We are pleased to announce the Mbed OS 6.2.0 release is now available.
Summary
This release mainly provides updates for some of the connectivity protocols that Mbed OS supports, specifically BLE and WiSUN.
For BLE, we've updated the Cordio stack to version 20.05, which is the latest 5.2 specification qualified version. We've also made some changes to the BLE Security Manager to better support the handling of identity addresses when privacy is enabled.
For Wi-SUN, we've made API updates to the border router support we offer for Wi-SUN networks. A border router is a network gateway between a wireless 6LoWPAN mesh network and a backhaul network. It controls and relays traffic between the two networks and, in this release, we've added additional APIs to allow developers to access routing table data from border routers.
The other major change is to upgrade the version of the Arm Compiler to the latest 6.14 version as part of our commitment to track the latest stable versions of the compilers we support.
Migration Guide
This section lists specific changes which are part of this release and may
need special attention.
psa: Update TF-M for ARM_MUSCA_B1
Summary of changes
Upgrade the version of TF-M shipped within Mbed OS to version 1.1 (TF-Mv1.1 a6b336c1509f) with patches to support the integration of Mbed OS and TF-M from https://github.com/ARMmbed/trusted-firmware-m/tree/dev/feature-dualcore (52261ca41663).
Impact of changes
Please refer to the TF-M releases notes for information on what's contained in the TF-M release. https://ci.trustedfirmware.org/view/TF-M/job/tf-m-nightly/lastStableBuild/artifact/docs/trusted-firmware-m/build/install/doc/user_guide/html/docs/reference/changelog.html
Migration actions required
None.
Implements iterators for the Span class to be compatible with std::span
Summary of changes
Implements iterators for the Span class to be compatible with std::span.
This makes it possible, among other things, to use range based for loops on a span.
Add Wi-SUN Interface APIs
Summary of changes
Implemented
-info_get API for Wi-SUN router to get RPL information.
-info_get API for Wi-SUN BR to get RPL information.
-routing_table_get API for Wi-SUN BR.
This is upstreaming PR #13084.
BLE: Add KVStore Security DB
Summary of changes
This adds a new Security DB type for BLE Security Manager. This is optional and disabled by default. The presence of filesystem and kvstore DBs is now set in the mbed_lib.json file with the default values retaining the current setup.
Requires preceding PR: #13037
(so ignore the first commit)
Always build both .hex and .bin files
Summary of changes
- This change will cause build-system to produce both .bin and .hex files.
- Files are small and their creation is fast, thus there are no negative impact
on build time and storage requirements. - .bin files are required for updating the device
- .hex files are very handy for post build (external to build system) custom
scripts (e.g. image signing) - Configuration still allows selecting either .bin or .hex files, this settings is still
relevant as it specifies what file is flashed to a device for tests or by
--flash
argument.
Impact of changes
None
Known Issues
We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.
For more information about an issue, contact us on the forum.
TLS: IP addresses in the X.509 certificate subjectAltNames
- Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a
BADCERT_CN_MISMATCH
error is returned. - Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
- Reported Issue: Issue reported by a customer in email.
- Priority: MAJOR
TLS: Mismatch of root CA and issuer of CRL not caught
- Description: The
x509_crt_verifycrl()
function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate. - Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to
x509_crt_verifycrl()
. - Reported Issue: Reported by a partner.
- Priority: MAJOR
TLS: Self Test Failure with Some Hardware Accelerators
- Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines. - Workaround: There are no known workarounds.
- Reported Issue: Reported by the development team.
- Priority: MAJOR
TLS: Hardware-accelerated hash creates CBC padding oracle in TLS
- Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
- Workaround: Keep
MBEDTLS_SSL_ENCRYPT_THEN_MAC
enabled inmbedtls/config.h
and enable the Encrypt-then-MAC extension (RFC7366) on the peers side. - Reported Issue: Reported by the development team.
- Priority: MAJOR
Crypto: Mbed OS ATECC608A example fails to build with IAR
- Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
- Workaround: Use a different toolchain, like GCC_ARM.
- Reported Issue: MicrochipTech/cryptoauthlib#116
- Priority: Minor
Tools: Error when running mbed test --compile/run list
- Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
- Workaround: None
- Reported Issues: #8064
- Priority: Major
Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0
- Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
- Workaround: The workaround is to use other compilers.
- Reported Issue: IOTTHD-3898
- Priority: Major
Test Report
Release automated CI test
In addition to regular Pull Request test and Nightly test, we also ran a branch test on mbed-os 6.2.0-RC1
Results for the tests we run on CI (PR, Nightly, Branch):
- Compilation tests: ARMC6 - SOME FAILS
- Compilation tests: GCC_ARM - ALL PASSED
- Unittest - ALL PASSED
- Greentea Test - SOME FAILS
- Example Test - ALL PASSED
- Exporter Test - SOME FAILS
- Cloud Client integration Test - ALL PASSED
- Memory Usage Test - ALL PASSED
- Wisun Mesh Test - ALL PASSED
We have the following issues on the test jobs:
- LTO failed on ARM compiler compile tests ---- Tracked by defect MBEDOSTEST-1083 - ARMC6 Failed to build mbed OS with LTO options
- Export uvision failing with missing context fault handler IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler
- NUCLEO_F767ZI failed on storage tests ---- Tracked by defect IOTSTOR-1032 - NUCLEO_F767ZI failed with features-storage-tests-kvstore-general_tests_phase_1&2
- MBOTRIAGE-2756 - CY8CPROTO_062_4343W failed at cordio-tests-cordio_hci-driver Greentea Test
- IOTSTOR-960 - K66F failed on mbed-os nightly "filesystem-general" test
Test Numbers
- Greentea test number 1495 (+0)
- Unittest number 735 (+0)
Toolchain Coverage
In the mbed OS 6.2.0 release. we are testing the following toolchains:
- ARM compiler 6.14
- GCC_ARM 9-2019-q4-major
The following toolchains have been dropped since the mbed OS 5.15.0 release
- ARM compiler 5.06 update 6
- IAR 8.42
Targets Coverage
In mbed OS 6, the compilation test targets scope has not changed and remains all mbed OS enabled targets.
Greentea test targets have been changed slightly:
At the time of the mbed-os 6.2.0 release, we run the greentea tests on the following 8 targets:
- NRF52840_DK
- DISCO_L457VG_IOT01A
- K64F
- K66F
- NUCLEO_F411RE
- NUCLEO_F429ZI
- NUCLEO_F767ZI
- CY8CPROTO_062_4343W
Coverity
In mbed OS 6.2.0 release,there are 92 coverity issues.
Code Coverage
Test Code Coverage been tracked and information is published on COVERALLS
Memory Monitoring
No change from mbed-os-6.1.0
Contents
Ports for Upcoming Targets
Fixes and Changes
13291
Update TF-M for ARM_MUSCA_B1
13285
Use a different key to sign Non-secure image for ARM_MUSCA_B1 target
13263
psa: Update TF-M for ARM_MUSCA_B1
13258
Fix deprecated warning messages in Cypress code
13257
Remove invalid unicode characters from mesh-api/mbed_lib.json
13252
Implements iterators for the Span class to be compatible with std::span
13247
GreenTea: Fix inconsistency of Greentea KV message
13237
STM32 custom target: Add missing information in arm pack manager for bootloader
13230
Fix duplication of KW41Z Nanostack driver
13227
Revert "Fix kv parsing bug in greentea client."
13225
BLE remove unused CYW4343X file
13224
ADV_WISE TLS config duplication
13223
PSoC Targets: Increase greentea sync timeout
13222
STM32 PWM : avoid glitch after duty cycle change
13221
STM32 ANALOGOUT and DEEPSLEEP
13219
STM32WB RNG: enable use from both M4 and M0+ cores
13217
Feature cordio update 20 05
13213
Reduce LED use in automatic CI tests
13210
Fix hal-sleep/sleep_manager Tests on Cypress Targets
13207
TEST: update NRF52840_DK with correct FPAG configuration
13206
Usb device init: wait_us fix
13205
LWIPStack: set sockets non-blocking
13199
TEST: Update kvstore tests with shorter timeout
13198
Cypress: Update WHD to version 1.91.2
13191
Fix ordering in adjust config.sh
13188
TEST: Add spif-driver support for baremetal test build
13180
Update mbed-coap to version 5.1.6
13174
tests-mbed_timing_fpga_ci_test_shield-watchdog update with clock accuracy
13173
STM32L4: I2C init parameters for L4+ MCU
13172
Cypress: Fix internal JIRA. Add check if cybsp_init() is successful
13171
Re-enable AWS example, limit targets
13152
Add Wi-SUN Interface APIs
13038
BLE: Add KVStore Security DB
13011
Always build both .hex and .bin files
Using this release
You can fetch this release from the mbed-os GitHub repository, using the tag "mbed-os-6.2.0".
If you need any help with this release please visit our support page, which provides reference links and details of our support channels.