mbed-os-6.4.0
We are pleased to announce the Mbed OS 6.4.0 release is now available.
Summary
This release contains significant changes to how Mbed supports BLE privacy, addressing issues some users may have seen when pairing a device running Mbed with either Android or iOS.
We've also updated the Mbed COAP implementation to v5.1.8.
Finally, we've made some further improvements to the WiSUN stack to address issues raised by both internal and external testing.
Migration Guide
This section lists specific changes which are part of this release and may
need special attention.
BLE: Introduce ChainableEventHandler and subclasses
Summary of changes
Requires #13727 to be merged first
Merged #13727 since this PR is closely tied to it.
Introduces a ChainableEventHandler
base class that is essentially a singly-linked-list of EventHandlers along with two subclasses:
ChainableGattServerEventHandler
that enables chaining togetherGattServer::EventHandler
sChainableGapEventHandler
that enables chaining togetherGap::EventHandlers
s
The ChainableGattServerEventHandler class allows an application toregister
separate event handlers (eg: for different services that need to handleGattServer
events) and then set the globalGattServer::setEventHandler
to the instance ofChainableGattServerEventHandler
with all registeredGattServer::EventHandler
s.
The ChainableGapEventHandler accomplishes that same as above forGap:EventHandler
implementations.
Common functionality has been split off intoChainableEventHandler
.
See #13728 for discussion around this implementation.
Impact of changes
None
Migration actions required
None
Feature ble host privacy
Summary of changes
This PR reimplements Bluetooth privacy for all type of Bluetooth controllers (4.0 to 5.2).
As soon as privacy is enabled, a private address is used to advertise, scan or initiate connection and peers resolvable addresses are resolved if a bond with matching IRK is found in the security database.
This should solve most of the pairing issues observed on Android and iOS where the local device is not able to retrieve a previous bond.
Internally there is two implementations of the address resolution:
- Host based where the software compute if the address is known or not
- Controller based where the Bluetooth controller resolves automatically addresses received during advertising or scan.
New configurations flags have been added to select at compile time the implementation to use: ble-gap-host-based-private-address-resolution
Forces the system to use host based resolutionble-gap-host-privacy-resolved-cache-size
Indicate how many entries must be booked for the host based resolution cache.
This PR is the result of the following PRs merged on the feature branch- Privacy feature configuration: #13662
- Force device mode for LL resolution: #13689
- Privacy enable event emission : #13680
- Improvement of Secure DB entry retrieval: #13660 and #13658
- Force identity address to be static: #13622
- Local private address management: #13582 and #13560
- Peer private address management: #13630 and #13685:
- Fixes: #13656 and #13670
- Notification when advertising start or stop: #13706
Impact of changes
Existing applications should not have anything to change regards to calls to privacy APIs as this PR enables it for all type of controllers and not just resolution when supported by the hardware.
The advertising state was showing up as enabled as soon as the function startAdvertising
was called. This is was not correct as it wasn't reflecting the reality of operations. The state is now modified when advertising is actually active. Two new events have been added to Gap::EventHandler
to catch the change of advertising state.
Add mutiple push and pop for circular buffer
Summary of changes
Add functions to circular buffer to allow pushing and popping multiple items at a time.
Add OSPI driver to support the Octa mode of Macronix octaflash MX25LM51245G
Summary of changes
Update PR #12619.
Add OSPI HAL driver and OSPIF block device driver for using Macronix octaflash MX25LM51245G.
ST Octo-SPI was ported on QSPI MBED API, but we can only use in SPI mode and the Octo mode is not supported. So, we add OSPI driver to enable Octo mode to improve read and write performance.
Impact of changes
Enable the octa mode of MX25LM51245G.
Migration actions required
N/A
Known Issues
We publish Mbed OS as a collection of modules on GitHub. Issues are raised in the specific repositories and then tracked internally. The purpose of this section is to provide a single view of the outstanding key issues that have not been addressed for this release. As such, it is a filtered and reviewed list based on priority and potential effect. Each item summarizes the problem and includes any known workarounds, along with a link to the GitHub issue (if applicable). We welcome any comments or proposed solutions.
For more information about an issue, contact us on the forum.
TLS: IP addresses in the X.509 certificate subjectAltNames
- Description: Parsing IP addresses in the X.509 certificate subjectAltNames is not supported yet. In certificate chains relying on IP addresses in subjectAltNames a
BADCERT_CN_MISMATCH
error is returned. - Workaround: merge branch https://github.com/ARMmbed/mbedtls/tree/iotssl-602-san-ip into your copy of Mbed TLS before building the application. It is still in EXPERIMENTAL stage, use it on your own responsibility!
- Reported Issue: Issue reported by a customer in email.
- Priority: MAJOR
TLS: Mismatch of root CA and issuer of CRL not caught
- Description: The
x509_crt_verifycrl()
function ignores the CRL, when the CRL has an issuer different from the subject of root CA certificate. - Workaround: Make sure that the issuer of the CRL and the root CA certificate's subject are the same before passing them to
x509_crt_verifycrl()
. - Reported Issue: Reported by a partner.
- Priority: MAJOR
TLS: Self Test Failure with Some Hardware Accelerators
- Description: Most HW acceleration engines (if not all) require the parameters to be from contiguous memory.
All the self tests use test vectors that are defined in the .bss section, which means these are not contiguous. This causes the self test to possibly fail, when implementing HW accelerated engines. - Workaround: There are no known workarounds.
- Reported Issue: Reported by the development team.
- Priority: MAJOR
TLS: Hardware-accelerated hash creates CBC padding oracle in TLS
- Description: The current countermeasures against CBC padding oracle attacks in Mbed TLS call a low level internal API. The implementation of this API might not be possible with the hardware accelerator API and even if it is, the timing might still have detectable differences. The lower level API is called out of sequence and accelerators that are not aware of this might crash.
- Workaround: Keep
MBEDTLS_SSL_ENCRYPT_THEN_MAC
enabled inmbedtls/config.h
and enable the Encrypt-then-MAC extension (RFC7366) on the peers side. - Reported Issue: Reported by the development team.
- Priority: MAJOR
Crypto: Mbed OS ATECC608A example fails to build with IAR
- Description: The current ATECC608A secure element example fails to build with the IAR toolchain. The Microchip-provided cryptoauthlib library does not build with IAR.
- Workaround: Use a different toolchain, like GCC_ARM.
- Reported Issue: MicrochipTech/cryptoauthlib#116
- Priority: Minor
Tools: Error when running mbed test --compile/run list
- Description: The error, "pkg_resources.DistributionNotFound: The 'mbed-ls==1.*,>=1.5.1' distribution was not found and is required by icetea, mbed-flasher" is observed when running the command "mbed test -m K64F -t ARM --icetea --compile-list -vv".
- Workaround: None
- Reported Issues: #8064
- Priority: Major
Wi-SUN Hardfaults with IAR compiled image with Mbed OS 5.15.0
- Description: Mesh Wi-SUN FAN may HardFault in rare occasions with IAR8 compiled binaries during initial network connection.
- Workaround: The workaround is to use other compilers.
- Reported Issue: IOTTHD-3898
- Priority: Major
Test Report
Release automated CI test
In addition to regular Pull Request test and Nightly test, we also ran a branch test on mbed-os 6.4.0-RC1
Results for the tests we run on CI (PR, Nightly, Branch):
- Build Greentea ARMC6 - SOME FAILS
- Build Greentea GCC_ARM - ALL PASSED
- Build Examples ARMC6 - ALL PASSED
- Build Examples GCC_ARM - ALL PASSED
- Build Cloud Examples ARMC6 - ALL PASSED
- Build Cloud Examples GCC_ARM - ALL PASSED
- Unittest Test matrix - ALL PASSED
- GreenTea test matrix - ALL PASSED
- Examples test matrix - ALL PASSED
- Exporter Test - SOME FAILS
- Cloud Client integration Test - ALL PASSED
- Memory Usage Test - ALL PASSED
Toolchain Coverage
In the mbed OS 6.4.0 release. we are testing the following toolchains:
- ARM compiler 6.14.0
- GCC_ARM 9-2019-q4-major
Targets Coverage
In mbed OS 6.4.0, the compilation test targets scope has not changed and remains all mbed OS enabled targets.
Greentea test targets have been changed slightly:
At the time of the mbed-os 6.4.0 release, we run the greentea tests on the following targets:
- NRF52840_DK
- DISCO_L457VG_IOT01A
- K64F
- NUCLEO_F429ZI
- NUCLEO_F767ZI
- NUCLEO_WB55RG
We have the following issues on the test jobs:
- MBEDOSTEST-1163 - ARMC6 Failed to build mbed OS with LTO options In Progress
- IOTCORE-1663 - Nightly: Export uvision failing with missing context fault handler Open
Test Numbers
- Greentea test number 1674 (+179)
- Unittest number 741 (+6)
Code Coverage
Test Code Coverage been tracked and information is published on COVERALLS
Memory Monitoring
No observed change from mbed-os-6.3.0
Contents
Ports for Upcoming Targets
13713
STM32H7: add NUCLEO_H7A3ZI_Q new target
Fixes and Changes
13787
Update Mbed CoAP to v5.1.8
13785
BLE: Fix access to attcCb.onDeck and attsCb.prepWriteQueue access
13782
scancode: fix SPDX check - only warning
13779
BLE: Fix scan state and host resolution of RPAs
13778
STM32G4 update drivers version to CUBE V1.3.0
13771
Separate cloud example configurations to another file
13757
wisun: Add APIs for Device min sense and CCA threshold table.
13749
Add missing args to weakly defined PalRtc functions
13745
Scancode: Fix false positive reported by scancode output analyser script
13744
Use NUCLEO_F429ZI for Azure IoT Hub and Google IoT Core examples testing
13743
Define SD and STORAGE for the MAX32630FTHR and prevent warnings during compilation on Mbed 5.12 and above
13742
nanostack: Add initialization to radius retry values
13741
STM32L4 update drivers version to CUBE V1.16.0
13738
Nuvoton: Enable fault handler dump message on CM23 targets
13737
Add certificate remove before add to wisun tasklet
13734
BLE: Introduce ChainableEventHandler and subclasses
13733
Enable Nanostack DNS cache usage
13729
BLE: Enable getting an implicitly-created CCCD through GattCharacteristic::getDescriptor
13725
STM32: update SetSysClock for NUCLEO_L476RG
13724
Add license notice to Arm copyrighted source files plus SDPX to already licensed files
13723
Add crash RAM to STM32F412xG
13718
Nanostack release v12.6.0
13717
Feature ble host privacy
13714
nanostack: mesh interface global up is indicated always on bootstrap
13713
STM32H7: add NUCLEO_H7A3ZI_Q new target
13707
Fix ESP8266
13704
ble: reset transport last and reset the default chars in gatt server
13697
STM32L5 update drivers version to CUBE V1.3.1
13694
adapting to new s3 bucket location in travis.yml
13690
STM32H7 update drivers version to CUBE V1.8.0
13684
nanostack: fix inclusion of kvstore
13683
USB STM32: fix header inclusion, removing mbed.h
13681
Nrf52840 spim3 updates
13679
Nuvoton: Fix NuMaker I2C timeout
13677
psoc64: Update flash layout of CYTFM_064B0S2_4343W
13674
Samsung: uart fixes
13669
STM32L0 update drivers version to CUBE V1.11.3
13659
STM32WB update drivers version to CUBE V1.8.0
13655
STM32_gen_PeripheralPins.py v1.17
13654
Remove WEP security Green Tea Test case as the WEP security Key are sequence of Hex Values
13653
Use impl namespace in GattServer att_cb registration, not ble
13649
Make mbed-trace available to bare metal
13646
Make STM32F412xG system_clock.c functions weak
13645
Patch STM32F4 HAL to fix F412CG USART3 issue
13640
STM32: Fix system clock setup for XTAL and/or internal source on STM32H743
13634
STM32L4: link issue with IAR
13633
STM32WB: FLASH compilation issue with baremetal
13632
fix DAPLINK error for S1SBP6A Target using GNU Toolchain.
13623
Refactor mbed-os design docs
13621
Refactor remaining TESTS related to hal, rtos, and platform dir
13619
Travis: remove status functionality
13611
Edit on Toolchain linker files for stm32L071xx target
13610
Fix #13490 Cellular disconnect does not deactivate context
13607
Update Mbed CoAP to v5.1.7
13602
WEP Security fix for Cypress Target Kits
13601
Fix AnalogIn implementation on STM32G4 series
13600
Refactor COMPONENT_FPGA_CI_TEST_SHIELD directory structure
13595
Nordic: Support 31250 baud rate
13593
STM32F: skip LittleFileSystem default instance and TDBStore tests
13586
travis: license check for new files
13565
Feature stm32g4 can support
13563
Add mutiple push and pop for circular buffer
13549
Make readdir reentrant
13545
Fix enabling/disabling BLE-Features
13432
Enable PDP type IPV6 and IPV4V6 to support more cellular service prov
13406
STM32F1 USBDevice
12644
Add OSPI driver to support the Octa mode of Macronix octaflash MX25LM51245G
Using this release
You can fetch this release from the mbed-os GitHub repository, using the tag "mbed-os-6.4.0".
If you need any help with this release please visit our support page, which provides reference links and details of our support channels.