Device Management Client 4.2.1
Device Management Client
Reverted a bug fix for PAL and FCC support for files larger than 2 GB. This fixes a regression in 4.2.0 release for embedded Linux platforms where enabling tracing causes a hard fault in the application.
Known issues
- [PAL tests] PAL filesystem and PAL update tests currently support external SD card storage. Support for other storage types will be added in future releases.
- [PAL tests] PAL TLS test (
TCPHandshakeWhileCertVerify_threads
) is not working on Mbed OS 5.13.0. - Client resource size is limited to 64 KiB. For example, large binary objects (opaque resources) cannot exceed 64 KiB.
- Upload large pictures or other large binary objects to a different hosting service and use the LwM2M resources for passing the URI for that type of objects.
- Alternatively, you can split a large object into chunks, and expose those chunks through multiple opaque resource instances.
- [Mbed OS] Neither firmware update nor production flow is currently working with Nucleo F303RE.
- [Mbed OS] The device may stall at certificate renewal when compiling with the PSA configuration.
- [CoAP library] We have a number of reported issues in the CoAP library. They have not been fixed yet. To be able to use the vulnerabilities, an attacker needs to bypass or hijack the Pelion Device Management connection using a malicious connection, so the risk is not imminent.
Mbed OS
We recommend that you read the Mbed OS release notes for known issues and their latest status.
- PSA is in preview level and as such not ready for production yet.
- You cannot update the pre-compiled PSA binary through firmware update. You can only update the application itself.
- NXP LPC55S69:
- The board has only 640 KB flash. PSA takes 192 KB out of it.
- You can use the Client example (with firmware update and bootloader) with
release
profile due to the flash size limitation. - Only ARMC6 is supported for compilation.
- K64F:
- You can use the board in PSA mode (without real HW PSA implementation).
- The configuration file that allows this is placed under the
configs-psa
folder in the example. - The PSA mode adds RAM consumption (static +3.5 KB) and flash/ROM consumption (+18.5 KB).
- Arm and partners are optimizing the solution in future releases.
Linux
- Firmware update installation of very large images on Raspberry Pi3B or Pi3B+ may result in a
mmc0 timeout
failure. This is a generic Raspberry Pi3 issue. See RPI issue #2392. - Firmware update from one Linux distribution version to another does not work. For example, firmware update from Yocto distribution Morty to Rocko is not currently possible, as there are Linux version-dependent files (device tree) in the
BOOT
partition. Therefore, you must update within one major version of a distribution. glibc
versions 2.23 and 2.24 have a bug in thread creation. It can cause random crashes with Linux.- If possible, update
glibc
to version 2.25 (or later). See sourceware issue 20116 for details. - We have implemented a workaround for this issue to decrease its likelihood. This issue may still occur under certain circumstances.
- If possible, update
- The Device Management Client application must run as
root
to have access rights to perform the firmware update.- This is not the most secure way to handle this issue, so a more secure implementation will come later.
- Yocto distribution has only been tested in developer certificate mode.
- Yocto distribution used does not yet support Raspberry Pi4.
Device Management Client Third Party IP report
Device Management Client uses some open source third-party IP (TPIP). This table lists the TPIP and sources:
Original | License | Description |
---|---|---|
bsdfiff | BSD 2 clause | Diff algorithm used for delta update image generation. |
LZ4 | BSD 2 clause (lz4.c and lz4.h under /lib in LZ4) | Compression algorithm used for compressing delta update images. |
TinyCBOR | MIT | Factory configurator client (FCC) uses TinyCBOR, which is a constrained node implementation of CBOR in C, with slight modifications. The code is at mbed-cloud-client/tinycbor and in a standalone repository in GitHub. |
Unity | MIT | Platform Adaptation Layer (PAL) tests use Unity framework from ThrowTheSwitch. The code is at mbed-cloud-client/mbed-client-pal/Test/Unity. |
You also get more TPIP with the Mbed OS release itself, see their LICENSE.md for details.