If you need urgent consulting help click here
Zephyr 1.14.3
This is an LTS maintenance release with fixes.
Issues Fixed
These GitHub issues were addressed since the previous 1.14.0 tagged release:
18334 - DNS resolution is broken for some addresses in master/2.0-pre
19917 - Bluetooth: Controller: Missing LL_ENC_RSP after HCI LTK Negative Reply
21107 - LL_ASSERT and ‘Imprecise data bus error’ in LL Controller
21257 - tests/net/net_pkt failed on mimxrt1050_evk board.
21299 - bluetooth: Controller does not release buffer on central side after peripheral reset
21601 - ‘!radio_is_ready()’ failed
21756 - tests/kernel/obj_tracing failed on mec15xxevb_assy6853 board.
22968 - Bluetooth: controller: LEGACY: ASSERTION failure on invalid packet sequence
23069 - Bluetooth: controller: Assert in data length update procedure
23109 - LL.TS Test LL/CON/SLA/BV-129-C fails (split)
23805 - Bluetooth: controller: Switching to non conn adv fails for Mesh LPN
24601 - Bluetooth: Mesh: Config Client’s net_key_status pulls two key indexes, should pull one.
25518 - settings_fcb: Fix storing the data
25519 - wrong debug function cause kinds of building error
26080 - gPTP time sync fails if having more than one port
28151 - gPTP should allow user setting of priority1 and priority2 fields used in BMCA
28177 - gPTP gptp_priority_vector struct field ordering is wrong
29386 - unexpected behavior when doing syscall with 7 or more arguments
29858 - Bluetooth: Mesh: RPL cleared on LPN disconnect
32430 - Bluetooth: thread crashes when configuring a non 0 Slave Latency
32898 - Bluetooth: controller: Control PDU buffer leak into Data PDU buffer pool
Zephyr 1.14.2
This is an LTS maintenance release with fixes.
Security Vulnerability Related
The following security vulnerabilities (CVEs) were addressed in this release:
CVE-2020-10019
CVE-2020-10021
CVE-2020-10022
CVE-2020-10023
CVE-2020-10024
CVE-2020-10027
CVE-2020-10028
More detailed information can be found in: https://docs.zephyrproject.org/latest/security/vulnerabilities.html
Issues Fixed
These GitHub issues were addressed since the previous 1.14.0 tagged release:
11617 - net: ipv4: udp: broadcast delivery not supported
11743 - logging: add user mode access
14459 - usb: samples: mass: doesn’t build with FLASH overlay
15119 - GPIO callback not disabled from an interrupt
15339 - RISC-V: RV32M1: Load access fault when accessing GPIO port E
15354 - counter: stm32: Issue with LSE clock source selection
15373 - IPv4 link local packets are not sent with ARP ethernet type
15443 - usb_dc_stm32: Missing semaphore initialization and missing pin remapping configuration
15444 - Error initiating sdhc disk
15497 - USB DFU: STM32: usb dfu mode doesn’t work
15507 - NRF52840: usb composite MSC + HID (with CONFIG_ENABLE_HID_INT_OUT_EP)
15526 - Unhandled identity in bt_conn_create_slave_le
15558 - support for power-of-two MPUs on non-XIP systems
15601 - pwm: nRF default prescalar value is wrong
15603 - Unable to use C++ Standard Library
15605 - Unaligned memory access by ldrd
15678 - Watchdog peripheral api docs aren’t generated correctly.
15698 - bluetooth: bt_conn: No proper ID handling
15733 - Bluetooth: controller: Central Encryption setup overlaps Length Request procedure
15794 - mps2_an385 crashes if CONFIG_INIT_STACKS=y and CONFIG_COVERAGE=y
15817 - nrf52: HFXO is not turned off as expected
15904 - concerns with use of CONFIG_BT_MESH_RPL_STORE_TIMEOUT in examples
15911 - Stack size is smaller than it should be
15975 - Openthread - fault with dual network interfaces
16001 - ARC iotdk supports MPU and fpu in hardware but not enabled in kconfig
16002 - the spi base reg address in arc_iot.dtsi has an error
16010 - Coverage reporting fails on many tests
16012 - Source IP address for DHCP renewal messages is unset
16046 - modules are being processed too late.
16080 - Zephyr UART shell crashes on start if main() is blocked
16089 - Mcux Ethernet driver does not detect carrier anymore (it’s alway on)
16090 - mpu align support for code relocation on non-XIP system
16143 - posix: clock_settime calculates the base time incorrectly
16155 - drivers: can: wrong value used for filter mode set
16257 - net: icmpv4: Zephyr sends echo reply with multicast source address
16307 - cannot move location counter backwards error happen
16323 - net: ipv6: tcp: unexpected reply to malformed HBH in TCP/IPv6 SYN
16339 - openthread: off-by-one error when calculating ot_flash_offset for settings
16354 - net: ipv6: Zephyr does not reply to fragmented packet
16375 - net: ipv4: udp: Zephyr does not reply to a valid datagram with checksum zero
16379 - net: ipv6: udp: Zephyr replies with illegal UDP checksum zero
16411 - bad regex for west version check in host-tools.cmake
16412 - on reel_board the consumption increases because TX pin is floating
16413 - Missing dependency in cmake
16414 - Backport west build –pristine
16415 - Build errors with C++
16416 - sram size for RT1015 and RT1020 needs to be update.
16417 - issues with can filter mode set
16418 - drivers: watchdog: sam0: check if timeout is valid
16419 - Bluetooth: XTAL feature regression
16478 - Bluetooth: Improper bonded peers handling
16570 - [Coverity CID :198877]Null pointer dereferences in /subsys/net/ip/net_if.c
16577 - [Coverity CID :198870]Error handling issues in /subsys/net/lib/lwm2m/lwm2m_obj_firmware_pull.c
16581 - [Coverity CID :198866]Null pointer dereferences in /subsys/net/lib/dns/llmnr_responder.c
16584 - [Coverity CID :198863]Error handling issues in /subsys/net/lib/sntp/sntp.c
16600 - Bluetooth: Mesh: Proxy SAR timeout is not implemented
16602 - Bluetooth: GATT Discovery: Descriptor Discovery by range Seg Fault
16639 - eth: pinging frdm k64f eventually leads to unresponsive ethernet device
16678 - LPN establishment of Friendship never completes if there is no response to the initial Friend Poll
16711 - Settings reworked to const char processing
16734 - Bluetooth: GATT: Writing 1 byte to a CCC access invalid memory
16745 - PTHREAD_MUTEX_DEFINE(): don’t store into the _k_mutex section
16746 - boards: nrf52840_pca10059: Configure NFC pins as GPIOs by default
16749 - IRQ_CONNECT and irq_enable calls in the SiFive UART driver is misconfigured
16750 - counter: lack of interrupt when CC=0
16760 - K_THREAD_STACK_EXTERN() confuses gen_kobject_list.py
16779 - [Zephyr v1.14] ARM: fix the start address of MPU guard in stack-fail checking (when building with no user mode)
16799 - Bluetooth: L2CAP: Interpretation of SCID and DCID in Disconnect is wrong
16861 - nRF52: UARTE: Data corruption right after resuming device
16864 - Bluetooth: Mesh: Rx buffer exhaustion causes deadlock
16893 - Bluetooth: Multiple local IDs, privacy problem
16943 - Missing test coverage for lib/os/crc*.c
16944 - Insufficient test coverage for lib/os/json.c
17031 - Compiler warnings in settings module in Zephyr 1.14
17038 - code relocation generating different memory layout cause user mode not working
17041 - [1.14] Bluetooth: Mesh: RPL handling is not in line with the spec
17055 - net: Incorrect data length after the connection is established
17057 - Bluetooth: Mesh: Implementation doesn’t conform to latest errata and 1.0.1 version
17092 - Bluetooth: GAP/IDLE/NAMP/BV-01-C requires Read by UUID
17170 - x86_64 crash with spinning child thread
17171 - Insufficient code coverage for lib/os/fdtable.c
17177 - ARM: userspace/test_bad_syscall fails on ARMv8-M
17190 - net-mgmt should pass info element size to callback
17250 - After first GC operation the 1st sector had become scratch and the 2nd sector had became write sector.
17251 - w25q: erase operations must be erase-size aligned
17262 - insufficient code coverage for lib/os/base64.c
17288 - Bluetooth: controller: Fix handling of L2CAP start frame with zero PDU length
17294 - DB corruption when adding/removing service
17337 - ArmV7-M mpu sub region alignment
17338 - kernel objects address check in elf_helper.py
17368 - Time Slicing cause system sleep short time
17399 - LwM2M: Can’t use an alternate mbedtls implementation
17401 - LwM2M: requires that CONFIG_NET_IPV* be enabled (can’t use 100% offloaded IP stack)
17415 - Settings Module - settings_line_val_read() returning -EINVAL instead of 0 for deleted setting entries
17427 - net: IPv4/UDP datagram with zero src addr and TTL causes Zephyr to segfault
17450 - net: IPv6/UDP datagram with unspecified addr and zero hop limit causes Zephyr to quit
17463 - Bluetooth: API limits usage of MITM flags in Pairing Request
17534 - Race condition in GATT API.
17595 - two userspace tests fail if stack canaries are enabled in board configuration
17600 - Enable Mesh Friend support in Bluetooth tester application
17613 - POSIX arch: occasional failures of tests/kernel/sched/schedule_api on CI
17630 - efr32mg_sltb004a tick clock error
17723 - Advertiser never clears state flags
17732 - cannot use bt_conn_security in connected callback
17764 - Broken link to latest development version of docs
17802 - [zephyr 1.14] Address type 0x02 is used by LE Create Connection in device privacy mode
17820 - Mesh bug report In access.c
17838 - state DEVICE_PM_LOW_POWER_STATE of Device Power Management
17843 - Bluetooth: controller: v1.14.x release conformance test failures
17857 - GATT: Incorrect byte order for GATT database hash
17861 - Tester application lacks BTP Discover All Primary Services handler
17880 - Unable to re-connect to privacy enabled peer when using stack generated Identity
17944 - [zephyr 1.14] LE Enhanced Connection Complete indicates Resolved Public once connected to Public peer address
17948 - Bluetooth: privacy: Reconnection issue
17967 - drivers/pwm/pwm_api test failed on frdm_k64f board.
17971 - [zephyr 1.14] Unable to register GATT service that was unregistered before
17979 - Security level cannot be elevated after re-connection with privacy
18021 - Socket vtable can access null pointer callback function
18090 - [zephyr 1.14][MESH/NODE/FRND/FN/BV-08-C] Mesh Friend queues more messages than indicates it’s Friend Cache
18178 - BLE Mesh When Provisioning Use Input OOB Method
18183 - [zephyr 1.14][GATT/SR/GAS/BV-07-C] GATT Server does not inform change-unaware client about DB changes
18297 - Bluetooth: SMP: Pairing issues
18306 - Unable to reconnect paired devices with controller privacy disabled (host privacy enabled)
18308 - net: TCP/IPv6 set of fragmented packets causes Zephyr to quit
18394 - [Coverity CID :203464]Memory - corruptions in /subsys/net/l2/ethernet/gptp/gptp_mi.c
18462 - potential buffer overrun in logging infrastructure
18580 - Bluetooth: Security fail on initial pairing
18658 - Bluetooth BR/EDR encryption key negotiation vulnerability
18739 - k_uptime_get_32() does not behave as documented
18935 - [Zephyr 1.14] drivers: flash: spi_nor: Problematic write with page boundaries
18961 - [Coverity CID :203912]Error handling issues in /samples/net/sockets/coap_client/src/coap-client.c
19015 - Bluetooth: Mesh: Node doesn’t respond to “All Proxies” address
19038 - [zephyr branch 1.14 and master -stm32-netusb]:errors when i view RNDIS Device‘s properties on Windows 10
19059 - i2c_ll_stm32_v2: nack on write is not handled correctly
19103 - zsock_accept_ctx blocks even when O_NONBLOCK is specified
19165 - zephyr_file generates bad links on branches
19263 - Bluetooth: Mesh: Friend Clear Procedure Timeout
19515 - Bluetooth: Controller: assertion failed
19612 - ICMPv6 packet is routed to wrong interface when peer is not found in neighbor cache
19678 - Noticeable delay between processing multiple client connection requests (200ms+)
19889 - Buffer leak in GATT for Write Without Response and Notifications
19982 - Periodically wake up log process thread consume more power
20042 - Telnet can connect only once
20100 - Slave PTP clock time is updated with large value when Master PTP Clock time has changed
20229 - cmake: add –divide to GNU assembler options for x86
20299 - bluetooth: host: Connection not being unreferenced when using CCC match callback
20313 - Zperf documentation points to wrong iPerf varsion
20811 - spi driver
20970 - Bluetooth: Mesh: seg_tx_reset in the transport layer
21131 - Bluetooth: host: Subscriptions not removed upon unpair
21306 - ARC: syscall register save/restore needs backport to 1.14
21431 - missing async uart.h system calls
21432 - watchdog subsystem has no system calls
22275 - arm: cortex-R & M: CONFIG_USERSPACE: intermittent Memory region write access failures
22280 - incorrect linker routing
23153 - Binding AF_PACKET socket second time will fail with multiple network interfaces
23339 - tests/kernel/sched/schedule_api failed on mps2_an385 with v1.14 branch.
23346 - bl65x_dvk boards do not reset after flashing
Zephyr 1.14.1
This is an LTS maintenance release with fixes, as well as Bluetooth qualification listings for the Bluetooth protocol stack included in Zephyr.
See Zephyr Kernel 1.14.0 for the previous version release notes.
Security Vulnerability Related
The following security vulnerability (CVE) was addressed in this release:
Fixes CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka “KNOB”) that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
Bluetooth
Qualification:
1.14.x Host subsystem qualified with QDID 139258
1.14.x Mesh subsystem qualified with QDID 139259
1.14.x Controller component qualified on Nordic nRF52 with QDID 135679
Issues Fixed
These GitHub issues were addressed since the previous 1.14.0 tagged release:
11617 - net: ipv4: udp: broadcast delivery not supported
11743 - logging: add user mode access
14459 - usb: samples: mass: doesn’t build with FLASH overlay
15279 - mempool alignment might cause a memory block allocated twice
15339 - RISC-V: RV32M1: Load access fault when accessing GPIO port E
15354 - counter: stm32: Issue with LSE clock source selection
15373 - IPv4 link local packets are not sent with ARP ethernet type
15443 - usb_dc_stm32: Missing semaphore initialization and missing pin remapping configuration
15444 - Error initiating sdhc disk
15497 - USB DFU: STM32: usb dfu mode doesn’t work
15507 - NRF52840: usb composite MSC + HID (with CONFIG_ENABLE_HID_INT_OUT_EP)
15526 - Unhandled identity in bt_conn_create_slave_le
15558 - support for power-of-two MPUs on non-XIP systems
15601 - pwm: nRF default prescalar value is wrong
15603 - Unable to use C++ Standard Library
15605 - Unaligned memory access by ldrd
15606 - trickle.c can’t work for multiple triggerings
15678 - Watchdog peripheral api docs aren’t generated correctly.
15698 - bluetooth: bt_conn: No proper ID handling
15733 - Bluetooth: controller: Central Encryption setup overlaps Length Request procedure
15794 - mps2_an385 crashes if CONFIG_INIT_STACKS=y and CONFIG_COVERAGE=y
15817 - nrf52: HFXO is not turned off as expected
15904 - concerns with use of CONFIG_BT_MESH_RPL_STORE_TIMEOUT in examples
15911 - Stack size is smaller than it should be
15975 - Openthread - fault with dual network interfaces
16001 - ARC iotdk supports MPU and fpu in hardware but not enabled in kconfig
16002 - the spi base reg address in arc_iot.dtsi has an error
16010 - Coverage reporting fails on many tests
16012 - Source IP address for DHCP renewal messages is unset
16027 - support for no-flash systems
16046 - modules are being processed too late.
16090 - mpu align support for code relocation on non-XIP system
16107 - Using bt_gatt_read() with ‘by_uuid’ method returns 3 extra bytes
16143 - posix: clock_settime calculates the base time incorrectly
16155 - drivers: can: wrong value used for filter mode set
16257 - net: icmpv4: Zephyr sends echo reply with multicast source address
16307 - cannot move location counter backwards error happen
16323 - net: ipv6: tcp: unexpected reply to malformed HBH in TCP/IPv6 SYN
16339 - openthread: off-by-one error when calculating ot_flash_offset for settings
16354 - net: ipv6: Zephyr does not reply to fragmented packet
16375 - net: ipv4: udp: Zephyr does not reply to a valid datagram with checksum zero
16379 - net: ipv6: udp: Zephyr replies with illegal UDP checksum zero
16411 - bad regex for west version check in host-tools.cmake
16412 - on reel_board the consumption increases because TX pin is floating
16413 - Missing dependency in cmake
16414 - Backport west build –pristine
16415 - Build errors with C++
16416 - sram size for RT1015 and RT1020 needs to be update.
16417 - issues with can filter mode set
16418 - drivers: watchdog: sam0: check if timeout is valid
16419 - Bluetooth: XTAL feature regression
16478 - Bluetooth: Improper bonded peers handling
16570 - [Coverity CID :198877]Null pointer dereferences in /subsys/net/ip/net_if.c
16577 - [Coverity CID :198870]Error handling issues in /subsys/net/lib/lwm2m/lwm2m_obj_firmware_pull.c
16581 - [Coverity CID :198866]Null pointer dereferences in /subsys/net/lib/dns/llmnr_responder.c
16584 - [Coverity CID :198863]Error handling issues in /subsys/net/lib/sntp/sntp.c
16594 - net: dns: Zephyr is unable to unpack mDNS answers produced by another Zephyr node
16600 - Bluetooth: Mesh: Proxy SAR timeout is not implemented
16602 - Bluetooth: GATT Discovery: Descriptor Discovery by range Seg Fault
16639 - eth: pinging frdm k64f eventually leads to unresponsive ethernet device
16678 - LPN establishment of Friendship never completes if there is no response to the initial Friend Poll
16711 - Settings reworked to const char processing
16734 - Bluetooth: GATT: Writing 1 byte to a CCC access invalid memory
16745 - PTHREAD_MUTEX_DEFINE(): don’t store into the _k_mutex section
16746 - boards: nrf52840_pca10059: Configure NFC pins as GPIOs by default
16749 - IRQ_CONNECT and irq_enable calls in the SiFive UART driver is misconfigured
16750 - counter: lack of interrupt when CC=0
16760 - K_THREAD_STACK_EXTERN() confuses gen_kobject_list.py
16779 - [Zephyr v1.14] ARM: fix the start address of MPU guard in stack-fail checking (when building with no user mode)
16799 - Bluetooth: L2CAP: Interpretation of SCID and DCID in Disconnect is wrong
16864 - Bluetooth: Mesh: Rx buffer exhaustion causes deadlock
16893 - Bluetooth: Multiple local IDs, privacy problem
16943 - Missing test coverage for lib/os/crc*.c
16944 - Insufficient test coverage for lib/os/json.c
17031 - Compiler warnings in settings module in Zephyr 1.14
17038 - code relocation generating different memory layout cause user mode not working
17041 - [1.14] Bluetooth: Mesh: RPL handling is not in line with the spec
17055 - net: Incorrect data length after the connection is established
17057 - Bluetooth: Mesh: Implementation doesn’t conform to latest errata and 1.0.1 version
17092 - Bluetooth: GAP/IDLE/NAMP/BV-01-C requires Read by UUID
17170 - x86_64 crash with spinning child thread
17177 - ARM: userspace/test_bad_syscall fails on ARMv8-M
17190 - net-mgmt should pass info element size to callback
17250 - After first GC operation the 1st sector had become scratch and the 2nd sector had became write sector.
17251 - w25q: erase operations must be erase-size aligned
17262 - insufficient code coverage for lib/os/base64.c
17288 - Bluetooth: controller: Fix handling of L2CAP start frame with zero PDU length
17294 - DB corruption when adding/removing service
17337 - ArmV7-M mpu sub region alignment
17338 - kernel objects address check in elf_helper.py
17368 - Time Slicing cause system sleep short time
17399 - LwM2M: Can’t use an alternate mbedtls implementation
17401 - LwM2M: requires that CONFIG_NET_IPV* be enabled (can’t use 100% offloaded IP stack)
17415 - Settings Module - settings_line_val_read() returning -EINVAL instead of 0 for deleted setting entries
17427 - net: IPv4/UDP datagram with zero src addr and TTL causes Zephyr to segfault
17450 - net: IPv6/UDP datagram with unspecified addr and zero hop limit causes Zephyr to quit
17463 - Bluetooth: API limits usage of MITM flags in Pairing Request
17534 - Race condition in GATT API.
17564 - Missing stdlib.h include when C++ standard library is used.
17595 - two userspace tests fail if stack canaries are enabled in board configuration
17600 - Enable Mesh Friend support in Bluetooth tester application
17613 - POSIX arch: occasional failures of tests/kernel/sched/schedule_api on CI
17723 - Advertiser never clears state flags
17732 - cannot use bt_conn_security in connected callback
17764 - Broken link to latest development version of docs
17789 - Bluetooth: host: conn.c missing parameter copy
17802 - [zephyr 1.14] Address type 0x02 is used by LE Create Connection in device privacy mode
17809 - Bluetooth Mesh message cached too early when LPN
17820 - Mesh bug report In access.c
17821 - Mesh Bug on access.c
17843 - Bluetooth: controller: v1.14.x release conformance test failures
17857 - GATT: Incorrect byte order for GATT database hash
17861 - Tester application lacks BTP Discover All Primary Services handler
17880 - Unable to re-connect to privacy enabled peer when using stack generated Identity
17882 - [zephyr 1.14] Database Out of Sync error is not returned as expected
17907 - BLE Mesh when resend use GATT bearer
17932 - BLE Mesh When Friend Send Seg Message To LPN
17936 - Bluetooth: Mesh: The canceled buffer is not free, causing a memory leak
17944 - [zephyr 1.14] LE Enhanced Connection Complete indicates Resolved Public once connected to Public peer address
17948 - Bluetooth: privacy: Reconnection issue
17971 - [zephyr 1.14] Unable to register GATT service that was unregistered before
17977 - BLE Mesh When IV Update Procedure
17979 - Security level cannot be elevated after re-connection with privacy
18013 - BLE Mesh On Net Buffer free issue
18021 - Socket vtable can access null pointer callback function
18090 - [zephyr 1.14][MESH/NODE/FRND/FN/BV-08-C] Mesh Friend queues more messages than indicates it’s Friend Cache
18150 - [zephyr 1.14] Host does not change the RPA
18178 - BLE Mesh When Provisioning Use Input OOB Method
18183 - [zephyr 1.14][GATT/SR/GAS/BV-07-C] GATT Server does not inform change-unaware client about DB changes
18194 - [zephyr 1.14][MESH/NODE/CFG/HBP/BV-05-C] Zephyr does not send Heartbeat message on friendship termination
18297 - Bluetooth: SMP: Pairing issues
18306 - Unable to reconnect paired devices with controller privacy disabled (host privacy enabled)
18308 - net: TCP/IPv6 set of fragmented packets causes Zephyr to quit
18394 - [Coverity CID :203464]Memory - corruptions in /subsys/net/l2/ethernet/gptp/gptp_mi.c
18462 - potential buffer overrun in logging infrastructure
18522 - BLE: Mesh: When transport send seg_msg to LPN
18580 - Bluetooth: Security fail on initial pairing
18658 - Bluetooth BR/EDR encryption key negotiation vulnerability
18739 - k_uptime_get_32() does not behave as documented
18813 - fs: nvs: Cannot delete entries
18873 - zsock_socket() should support proto==0
18935 - [Zephyr 1.14] drivers: flash: spi_nor: Problematic write with page boundaries
18961 - [Coverity CID :203912]Error handling issues in /samples/net/sockets/coap_client/src/coap-client.c
19015 - Bluetooth: Mesh: Node doesn’t respond to “All Proxies” address
19165 - zephyr_file generates bad links on branches
19181 - sock_set_flag implementation in sock_internal.h does not work for 64 bit pointers
19191 - problem with implementation of sock_set_flag
Zephyr Kernel 1.14.0
We are pleased to announce the release of Zephyr kernel version 1.14.0.
Major enhancements with this release include:
The Zephyr project now supports over 160 different board configurations spanning 8 architectures. All architectures are rigorously tested and validated using one of the many simulation platforms supported by the project: QEMU, Renode, ARC Simulator, and the native POSIX configuration.
The timing subsystem has been reworked and reimplemented, greatly simplifying the resulting drivers, removing thousands of lines of code, and reducing a typical kernel build size by hundreds of bytes. TICKLESS_KERNEL mode is now the default on all architectures.
The Symmetric Multi-Processing (SMP) subsystem continues to evolve with the addition of a new CPU affinity API that can “pin” threads to specific cores or sets of cores. The core kernel no longer uses the global irq_lock on SMP systems, and exclusively uses the spinlock API (which on uniprocessor systems reduces to the same code).
Zephyr now has support for the x86_64 architecture. It is currently implemented only for QEMU targets, supports arbitrary numbers of CPUs, and runs in SMP mode by default, our first platform to do so.
We’ve overhauled the Network packet (net-pkt) API and moved the majority of components and protocols to use the BSD socket API, including MQTT, CoAP, LWM2M, and SNTP.
We enhanced the native POSIX port by adding UART, USB, and display drivers. Based on this port, we added a simulated NRF52832 SoC which enables running full system, multi-node simulations, without the need of real hardware.
We added an experimental BLE split software Controller with Upper Link Layer and Lower Link Layer for supporting multiple BLE radio hardware architectures.
The power management subsystem has been overhauled to support device idle power management and move most of the power management logic from the application back to the BSP.
We introduced major updates and an overhaul to both the logging and shell subsystems, supporting multiple back-ends, integration of logging into the shell, and delayed log processing.
Introduced the
west
tool for management of multiple repositories and enhanced support for flashing and debugging.Added support for application user mode, application memory partitions, and hardware stack protection in ARMv8m
Applied MISRA-C code guideline on the kernel and core components of Zephyr. MISRA-C is a well established code guideline focused on embedded systems and aims to improve code safety, security and portability.
The following sections provide detailed lists of changes by component.
Security Vulnerability Related
The following security vulnerabilities (CVEs) were addressed in this release:
Tinycrypt HMAC-PRNG implementation doesn’t take the HMAC state clearing into account as it performs the HMAC operations, thereby using a incorrect HMAC key for some of the HMAC operations. (CVE-2017-14200)
The shell DNS command can cause unpredictable results due to misuse of stack variables. (CVE-2017-14201)
The shell implementation does not protect against buffer overruns resulting in unpredictable behavior. (CVE-2017-14202)
We introduced Kernel Page Table Isolation, a technique for mitigating the Meltdown security vulnerability on x86 systems. This technique helps isolate user and kernel space memory by ensuring non-essential kernel pages are unmapped in the page tables when the CPU is running in the least privileged user mode, Ring 3. This is the fix for Rogue Data Cache Load. (CVE-2017-5754)
We also addressed these CVEs for the x86 port:
Bounds Check Bypass (CVE-2017-5753)
Branch Target Injection (CVE-2017-5715)
Speculative Store Bypass (CVE-2018-3639)
L1 Terminal Fault (CVE-2018-3620)
Lazy FP State Restore (CVE-2018-3665)
Kernel
The timing subsystem has been reworked and mostly replaced:
The timer driver API has been extensively reworked, greatly simplifying the resulting drivers. By removing thousands of lines of code, we reduced the size of a typical kernel build by hundreds of bytes.
TICKLESS_KERNEL mode is now the default on all architectures. Many bugs were fixed in this support.
Lots of work on the rapidly-evolving SMP subsystem:
There is a new CPU affinity API available to “pin” threads to specific cores or sets of cores.
The core kernel is now 100% free of use of the global irq_lock on SMP systems, and exclusively uses the spinlock API (which on uniprocessor systems reduces to the same code).
Zephyr now has a simple interprocessor interrupt framework for applications, such as the scheduler, to use for synchronously notifying other processors of state changes. It’s currently implemented only on x86_64 and used only for thread abort.
Zephyr now has support for the x86_64 architecture. It is currently implemented only for QEMU targets.
It supports arbitrary numbers of CPUs in SMP, and runs in SMP mode by default, our first platform to do so.
It currently runs code built for the “x32” ABI, which is a native 64-bit hardware state, where pointers are 32 bit in memory. Zephyr still has some lurking word size bugs that will need to be fixed to turn on native 64 bit code generation.
K_THREAD_STACK_BUFFER() has been demoted to a private API and will be removed in a future Zephyr release.
A new API sys_mutex has been introduced. It has the same semantics as a k_mutex, but the memory for it can reside in user memory and so no explicit permission management is required.
sys_mem_pool() now uses a sys_mutex() for concurrency control.
Memory protection changes:
CONFIG_APPLICATION_MEMORY option has been removed from Zephyr. All test cases have been appropriately converted to use memory domains.
The build time memory domain partition generation mechanism, formerly an optional feature under CONFIG_APP_SHARED_MEM, has been overhauled and is now a core part of memory protection.
Userspace is no longer enabled by default for tests. Tests that are written to execute wholly or in part in user mode will need to enable CONFIG_TEST_USERSPACE in the test’s project configuration. There are assertions in place to enforce that this is done.
The default stack size for handling system calls has been increased to 1024 bytes.
We started applying MISRA-C (https://www.misra.org.uk/) code guideline on the Zephyr kernel. MISRA-C is a well established code guideline focused on embedded systems and aims to improve code safety, security, and portability. This initial effort was narrowed to the Zephyr kernel and architecture code, and focused only on mandatory and required rules. The following rules were addressed:
Namespace changes
Normalize switch() operators
Avoid implicit conversion to boolean types
Fix and normalize headers guard
Make if() evaluate boolean operands
Remove all VLAs (variable length array)
Avoid undefined and implementation defined behavior with shift operator
Remove recursions
Architectures
Introduced X86_64 (64 bit) architecture support with SMP features
High-level Kconfig symbol structure for Trusted Execution
ARM:
Re-architect Memory Protection code for ARM and NXP
Fully support application user mode, memory partitions, and stack protection in ARMv8m
Support built-in stack overflow protection in user mode in ARMv8m
Fix stack overflow error reporting
Support executing from SRAM in XIP builds
Support non-cacheable memory sections
Remove power-of-two align and size requirement for ARMv8-m
Introduce sync barriers in ARM-specific IRQ lock/unlock functions
Enforce double-word stack alignment on exception entry
API to allow Non-Secure FPU Access (ARMv8-M)
Various enhancements in ARM system boot code
Indicate Secure domain fault in Non-Secure fault exception
Update ARM CMSIS headers to version 5.4.0
ARC:
Userspace and MPU driver improvements
Optimization of the thread stack definition macros
Bug fixes: handling of lp_xxx registers in _rirq_return_from_coop, nested interrupt handling, hardware stack bounds checking, execution benchmarking
Atomic operations are now usable from user mode on all ARC CPUs
x86:
Support for non-PAE page tables has been dropped.
Fixed various security CVEs related to micro-architecture side-effects of speculative execution, as detailed in the security notes.
Added robustness when reporting exceptions generated due to stack overflows or induced in user mode
Pages containing read-only data no longer have the execute disable (XD) bit un-set.
Fix potential IRQ stack corruption when handling double faults
Boards & SoC Support
Added the all new NRF52 simulated board: This simulator models some of the hardware in an NRF52832 SOC, to enable running full system, multi-node simulations, without the need of real hardware. It enables fast, reproducible testing, development, and debugging of an application, BlueTooth (BT) stack, and kernel. It relies on BabbleSim to simulate the radio physical layer.
Added SoC configuration for nRF9160 and Musca ARM Cortex-M33 CPU
Added support for the following ARM boards:
96b_stm32_sensor_mez
b_l072z_lrwan1
bl652_dvk
bl654_dvk
cy8ckit_062_wifi_bt_m0
cy8ckit_062_wifi_bt_m4
efm32hg_slstk3400a
efm32pg_stk3402a
efr32mg_sltb004a
mimxrt1020_evk
mimxrt1060_evk
mimxrt1064_evk
nrf52832_mdk
nrf52840_blip
nrf52840_mdk
nrf52840_papyr
nrf52840_pca10090
nrf9160_pca10090
nucleo_f302r8
nucleo_f746zg
nucleo_f756zg
nucleo_l496zg
nucleo_l4r5zi
particle_argon
particle_xenon
v2m_musca
Added support for the following RISC-V boards:
rv32m1_vega
Added support for the following ARC boards: * Synopsys ARC IoT DevKit * Several ARC simulation targets (ARC nSIM EM/SEM; with and without MPU stack guards)
Added support for the following shield boards:
frdm_kw41z
x_nucleo_iks01a1
x_nucleo_iks01a2
Drivers and Sensors
Added new drivers and backends for native_posix:
A UART driver that maps the Zephyr UART to a new host PTY
A USB driver that can expose a host connected USB device
A display driver that will render to a dedicated window using the SDL library
A dedicated backend for the new logger subsystem
Counter
Refactored API
Ported existing counter and RTC drivers to the new API
Deprecated legacy API
RTC
Deprecated the RTC API. The Counter API should be used instead
UART
Added asynchronous API.
Added implementation of the new asynchronous API for nRF series (UART and UARTE).
ADC
ADC driver APIs are now available to threads running in user mode.
Overhauled adc_dw and renamed it to adc_intel_quark_se_c1000_ss
Fixed handling of invalid sampling requests
Display
Introduced mcux elcdif shim driver
Added support for ssd16xx monochrome controllers
Added support for ssd1608, gde029a1, and hink e0154a05
Added SDL based display emulation driver
Added SSD1673 EPD controller driver
Added SSD1306 display controller driver
Flash:
nRF5 flash driver support UICR operations
Added driver for STM32F7x series
Added flash driver support for Atmel SAM E70
Added a generic spi nor flash driver
Added flash driver for SiLabs Gecko SoCs
Ethernet:
Extended mcux driver for i.mx rt socs
Added driver for Intel PRO/1000 Ethernet controller
I2C
Added mcux lpi2c shim driver
Removed deprecated i2c_atmel_sam3 driver
Introduced Silabs i2c shim driver
Added support for I2S stm32
Pinmux
Added RV32M1 driver
Added pinmux driver for Intel S1000
Added support for STM32F302x8
PWM
Added SiFive PWM driver
Added Atmel SAM PWM driver
Converted nRF drivers to use device tree
Sensor
Added lis2ds12, lis2dw12, lis2mdl, and lsm303dlhc drivers
Added ms5837 driver
Added support for Nordic QDEC
Converted drivers to use device tree
Serial
Added RV32M1 driver
Added new asynchronous UART API
Added support for ARM PL011 UART
Introduced Silabs leuart shim serial driver
Adapted gecko uart driver for Silabs EFM32HG
USB
Added native_posix USB driver
Added usb device driver for Atmel SAM E70 family
Added nRF52840 USBD driver
Other Drivers
clock_control: Added RV32M1 driver
console: Removed telnet driver
entropy: Added Atmel SAM entropy generator driver
spi: Converted nRF drivers to use device tree
watchdog: Converted drivers to new API
wifi: simplelink: Implemented setsockopt() for TLS offload
wifi: Added inventek es-WiFi driver
timer: Refactored and accuracy improvements of the arcv2 timer driver (boot time measurements)
timer: Added/reworked Xtensa, RISV-V, NRF, HPET, and ARM systick drivers
gpio: Added RV32M1 driver
hwinfo: Added new hwinfo API and drivers
ipm: Added IMX IPM driver for i.MX socs
interrupt_controller: Added RV32M1 driver
interrupt_controller: Added support for STM32F302x8 EXTI_LINES
neural_net: Added Intel GNA driver
can: Added socket CAN support
Networking
The BSD socket API should be used by applications for any network connectivity needs.
Majority of the network sample applications were converted to use the BSD socket API.
New BSD socket based APIs were created for these components and protocols:
net-app client and server APIs were removed. This also required removal of the following net-app based legacy APIs:
MQTT
CoAP
SNTP
LWM2M
HTTP client and server
Websocket
Network packet (net-pkt) API overhaul. The new net-pkt API uses less memory and is more streamlined than the old one.
Implement following BSD socket APIs:
freeaddrinfo()
,gethostname()
,getnameinfo()
,getsockopt()
,select()
,setsockopt()
,shutdown()
Converted BSD socket code to use global file descriptor numbers.
Network subsystem converted to use new logging system.
Added support for disabling IPv4, IPv6, UDP, and TCP simultaneously.
Added support for BSD socket offloading.
Added support for long lifetime IPv6 prefixes.
Added enhancements to IPv6 multicast address checking.
Added support for IPv6 Destination Options Header extension.
Added support for packet socket (AF_PACKET).
Added support for socket CAN (AF_CAN).
Added support for SOCKS5 proxy in MQTT client.
Added support for IPSO Timer object in LWM2M.
Added support for receiving gratuitous ARP request.
Added sample application for Google IoT Cloud.
Network interface numbering starts now from 1 for POSIX compatibility.
OpenThread enhancements.
zperf sample application fixes.
LLDP (Link Layer Discovery Protocol) enhancements.
ARP cache update fix.
gPTP link delay calculation fixes.
Changed how network data is passed from L2 to network device driver.
Removed RPL (Ripple) IPv6 mesh routing support.
MQTT is now available to threads running in user mode.
Network device driver additions and enhancements:
Added Intel PRO/1000 Ethernet driver (e1000).
Added SMSC9118/LAN9118 Ethernet driver (smsc911x).
Added Inventek es-WiFi driver for disco_l475_iot1 board.
Added support for automatically enabling QEMU based Ethernet drivers.
SAM-E70 gmac Ethernet driver Qav fixes.
enc28j60 Ethernet driver fixes and enhancements.
Bluetooth
Host:
GATT: Added support for Robust Caching
GATT: L2CAP: User driven flow control
Many fixes to Mesh
Fixed and improved persistent storage handling
Fixed direct advertising support
Fixed security level 4 handling
Add option to configure peripheral connection parameters
Added support for updating advertising data without having to restart advertising
Added API to iterate through existing bonds
Added support for setting channel map
Converted SPI HCI driver to use device tree
New BLE split software Controller (experimental):
Split design with Upper Link Layer and Lower Link Layer
Enabled with
CONFIG_BT_LL_SW_SPLIT
(disabled by default)Support for multiple BLE radio hardware architectures
Asynchronous handling of procedures in the ULL
Enhanced radio utilization (99% on continuous 100ms scan)
Latency resilience: Approx 100uS vs 10uS, 10x improvement
CPU and power usage: About 20% improvement
Multiple advertiser and scanner instances
Support for both Big and Little-Endian architectures
Controller:
Added support for setting the public address
Multiple control procedures fixes and improvements
Advertising random delay fixes
Fixed a serious memory corruption issue during scanning
Fixes to RSSI measurement
Fixes to Connection Failed to be Established sequence
Transitioned to the new logging subsystem from syslog
Switched from
-Ofast
to-O2
in time-critical sectionsReworked the RNG/entropy driver to make it available to apps
Multiple size optimizations to make it fit in smaller devices
nRF: Rework the PPI channel assignment to use pre-assigned ones
Add extensive documentation to the shared primitives
Several fixes for big-endian architectures
Build and Infrastructure
Added support for out-of-tree architectures.
Added support for out-of-tree implementations of in-tree drivers.
BabbleSim has been integrated in Zephyr’s CI system.
Introduced
DT_
prefix for all labels generated for information extracted from device tree (with a few exceptions, such as labels for LEDs and buttons, kept for backward compatibility with existing applications). Deprecated all other defines that are generated.Introduce CMake variables for DT symbols, just as we have for CONFIG symbols.
Move DeviceTree processing before Kconfig. Thereby allowing software to be configured based on DeviceTree information.
Automatically change the KCONFIG_ROOT when the application directory has a Kconfig file.
Added west tool for multiple repository management
Added support for Zephyr modules
Build system
flash
anddebug
targets now require westAdded generation of DT_<COMPAT>_<INSTANCE>_<PROP> defines which allowed sensor or other drivers on buses like I2C or SPI to not require dts fixup.
Added proper support for device tree boolean properties
Libraries / Subsystems
Added a new display API and subsystem
Added support for CTF Tracing
Added support for JWT (JSON Web Tokens)
Flash Maps:
API extension
Automatic generation of the list of flash areas
Settings:
Enabled logging instead of ASSERTs
Always use the storage partition for FCB
Fixed FCB backend and common bugs
Logging:
Removed sys_log, which has been replaced by the new logging subsystem introduced in v1.13
Refactored log modules registration macros
Improved synchronous operation (see
CONFIG_LOG_IMMEDIATE
)Added commands to control the logger using shell
Added
LOG_PANIC()
call to the fault handlers to ensure that logs are output on faultAdded mechanism for handling logging of transient strings. See
log_strdup()
Added support for up to 15 arguments in the log message
Added optional function name prefix in the log message
Changed logging thread priority to the lowest application priority
Added notification about dropped log messages due to insufficient logger buffer size
Added log backends:
RTT
native_posix
net
SWO
Xtensa Sim
Changed default timestamp source function to
k_uptime_get_32()
Shell:
Added new implementation of the shell sub-system. See Shell
Added shell backends:
UART
RTT
telnet
Ring buffer:
Added byte mode
Added API to work directly on ring buffer memory to reduce memory copying
Removed
sys_
prefix from API functions
MBEDTLS APIs may now be used from user mode.
HALs
Updated Nordic nrfx to version 1.6.2
Updated Nordic nrf ieee802154 radio driver to version 1.2.3
Updated SimpleLink to TI CC32XX SDK 2.40.01.01
Added Microchip MEC1701 Support
Added Cypress PDL for PSoC6 SoC Support
Updates to stm32cube, Silabs Gecko SDK, Atmel.
Update ARM CMSIS headers to version 5.4.0
Documentation
Reorganized subsystem documentation into more meaningful collections and added or improved introductory material for each subsystem.
Overhauled Bluetooth documentation to split it into manageable units and included additional information, such as architecture and tooling.
Added to and improved documentation on many subsystems and APIs including socket offloading, Ethernet management, LLDP networking, network architecture and overview, net shell, CoAP, network interface, network configuration library, DNS resolver, DHCPv4, DTS, flash_area, flash_mpa, NVS, settings, and more.
Introduced a new debugging guide (see Debug Probes) that documents the supported debug probes and host tools in one place, including which combinations are valid.
Clarified and improved information about the west tool and its use.
Improved development process documentation including how new features are proposed and tracked, and clarifying API lifecycle, issue and PR tagging requirements, contributing guidelines, doc guidelines, release process, and PR review process.
Introduced a developer “fast” doc build option to eliminate the time needed to create the full kconfig option docs from a local doc build, saving potentially five minutes for a full doc build. (Doc building time depends on your development hardware performance.)
Made dramatic improvements to the doc build processing, bringing iterative local doc generation down from over two minutes to only a few seconds. This makes it much faster for doc developers to iteratively edit and test doc changes locally before submitting a PR.
Added a new
zephyr-file
directive to link directly to files in the Git tree.Introduced simplified linking to doxygen-generated API reference material.
Made board documentation consistent, enabling a board-image carousel on the zephyrproject.org home page.
Reduced unnecessarily large images to improve page load times.
Added CSS changes to improve API docs appearance and usability
Made doc version selector more obvious, making it easier to select documentation for a specific release
Added a friendlier and more graphic home page.
Tests and Samples
A new set of, multinode, full system tests of the BT stack, based on BabbleSim have been added.
Added unique identifiers to all tests and samples.
Removed old footprint benchmarks
Added tests for CMSIS RTOS API v2, BSD Sockets, CANBus, Settings, USB, and miscellaneous drivers.
Added benchmark applications for the scheduler and mbedTLS
Added samples for the display subsystem, LVGL, Google IOT, Sockets, CMSIS RTOS API v2, Wifi, Shields, IPC subsystem, USB CDC ACM, and USB HID.
Add support for using sanitycheck testing with Renode