Releases: hex-five/multizone-iot-sdk
2.2.8
2.2.7
2.2.6
Release notes
- update ext/mbedtls to 2.28.2 and rebuild lib
- zone1: fix lwip thread wfi timeout and add "restart" msg
- update arty7 .mcs release files and README.md links
- hexfive-conf @7a9dd5 (v2.2.6)
- hexfive-ker @261971 (v2.2.6)
Security
- Fix potential heap buffer overread and overwrite in DTLS if
  MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
  MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
  accesses (typically, an untrusted operating system attacking a secure
  enclave) could recover an RSA private key after observing the victim
  performing a single private-key operation if the window size used for the
  exponentiation was 3 or smaller. Found and reported by Zili KOU,
  Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks
  and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation
  and Test in Europe 2023.
2.2.5
2.2.4
Release notes
- upgrade lwip to STABLE-2_1_3_RELEASE (+ mqtt.c @089697b)
- upgrade mbedtls to v2.28.1
- zone3.1 poll inbox when resuming from wfi with global irq disabled
- update README.md
Mbed TLS 2.28.1 - Important Security Updates
- Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
  module before freeing them. These buffers contain secret key material, and
  could thus potentially leak the key through freed heap.
- Fix a potential heap buffer overread in TLS 1.2 server-side when
  MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
  mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
  is selected. This may result in an application crash or potentially an
  information leak.
- Fix a buffer overread in DTLS ClientHello parsing in servers with
  MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
  or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
  after the end of the SSL input buffer. The buffer overread only happens
  when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
  the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
  and possibly up to 571 bytes with a custom cookie check function.
  Reported by the Cybeats PSI Team.
For full details see https://mbed-tls.readthedocs.io/en/latest/security-advisories/advisories/mbedtls-security-advisory-2022-07.html
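To check whether a build was exposed to the two configuration-dependent DTLS issues above (the connection ID length condition fixed in 2.28.2 and the ClientHello input buffer thresholds fixed in 2.28.1), the following added example, which is not part of the SDK or of Mbed TLS, audits an Mbed TLS config header. The function names, the sample header and the default values used for undefined macros are assumptions of this example.

```python
import re

DEFINE_RE = re.compile(r"^[ \t]*#[ \t]*define[ \t]+(MBEDTLS_\w+)[ \t]*([^\n]*)$", re.M)

def parse_defines(header_text):
    """Map each active (not commented-out) MBEDTLS_* #define to its value text."""
    text = re.sub(r"/\*.*?\*/", " ", header_text, flags=re.S)
    text = re.sub(r"//[^\n]*", "", text)
    return {m.group(1): m.group(2).strip() for m in DEFINE_RE.finditer(text)}

def number(defs, *names, default):
    """First defined macro among names as an int (literal values only), else default."""
    for name in names:
        if name in defs:
            return int(defs[name].strip("() "), 0)
    return default

def audit(header_text):
    """Return one finding per affected configuration described in the release notes."""
    defs = parse_defines(header_text)
    findings = []
    if "MBEDTLS_SSL_DTLS_CONNECTION_ID" in defs:
        # Defaults of 32 are an assumption about Mbed TLS 2.28; check your tree.
        cid_in = number(defs, "MBEDTLS_SSL_CID_IN_LEN_MAX", default=32)
        cid_out = number(defs, "MBEDTLS_SSL_CID_OUT_LEN_MAX", default=32)
        if cid_in > 2 * cid_out:
            findings.append(f"CID: IN_LEN_MAX {cid_in} > 2 * OUT_LEN_MAX {cid_out}")
    if "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE" in defs:
        # Assumed fallback chain: IN_CONTENT_LEN, then MAX_CONTENT_LEN, then 16384.
        in_len = number(defs, "MBEDTLS_SSL_IN_CONTENT_LEN",
                        "MBEDTLS_SSL_MAX_CONTENT_LEN", default=16384)
        if in_len < 258:
            findings.append(f"PORT_REUSE: input buffer {in_len} < 258")
        elif in_len < 571:
            findings.append(f"PORT_REUSE: input buffer {in_len} < 571 (custom cookie check only)")
    return findings

# Constructed sample header, not the SDK's actual configuration.
SAMPLE = """\
/* #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE  (disabled in a block comment) */
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_CID_IN_LEN_MAX 20
#define MBEDTLS_SSL_CID_OUT_LEN_MAX 8
#define MBEDTLS_SSL_MAX_CONTENT_LEN 512
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A finding means the configuration matches a condition named in the notes; the build is only affected if its Mbed TLS version predates the corresponding fix.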
2.2.3
2.2.2
2.2.1
Release notes
- add asynchronous message delivery
- add submodule ext/printf v4.0.0
- add FreeRTOS deep sleep
- add atomic mem access to peripherals
- move kernel runtime to ITIM to free 4KB RAM
- zone1: link with printf.c to reduce code size to < 128K
- zone2: link with printf.c and strtok.c to reduce code size < 16K
- fix -Wall and -Wextra warnings
- add prebuilt bitstreams for Arty A7 35T and 100T
- update riscv-gnu-toolchain-20210618 (rv32i|rv32e|rv64i)mac
- update riscv-openocd-20210807
- update manual.pdf and README.md
multizone.jar @1b9f31 (v2.2.1) / kernel @6b58e8 (v2.2.1):
- major redesign of kernel internal data structures
- up to 32/64 clint + 64/128 plic sources
- up to 256 clic sources for both rv32 and rv64
- reduce size of most kern vars from REGSIZE to 4-byte
- increase trap & emulation i-cache size
- add support for SiFive clic (E21)
- reintroduce support for rv32e 16-regs
- update riscv-gnu-toolchain-20210618 (rv32i|rv32e|rv64i)c