| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Updated submodule libraries to latest release
* Updated pointer for FreeRTOS-Plus-TCP
* Updated README about SNTP
* Updated link for coreSNTP on freertos.org
* Updated corePKCS11 to 'update-pkcs11submodule' branch for testing
* Update corePKCS11 version in manifest.yml
* Updated corePKCS11 pointer to v3.1.0
Co-authored-by: Oscar Michael Abrina <abrinao@amazon.com>
Co-authored-by: Archit Aggarwal <architag@amazon.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Replace library links with the application-protocols one
The ReadMe.txt refers to library link on FreeRTOS.org which will not be available until after the library is released in github. Instead, use top level page https://www.freertos.org/application-protocols.html which lists all the libraries in this directory which is also easy for user to navigate and could avoid this issue when releasing new library.
* Update FreeRTOS-Plus/Source/Application-Protocols/readme.txt
Co-authored-by: Archit Aggarwal <architag@amazon.com>
* Update FreeRTOS-Plus/Source/Application-Protocols/readme.txt
Co-authored-by: Paul Bartell <pbartell@amazon.com>
Co-authored-by: Archit Aggarwal <architag@amazon.com>
Co-authored-by: Paul Bartell <pbartell@amazon.com>
|
| |
|
|
|
|
|
| |
* Remove submodules of community and partner contribution repos, and stale directory of FreeRTOS+UDP
* Obselete NTP demo and rename of HTTP server demo folder
* Update manifest.yml
|
| |
|
| |
Co-authored-by: Jason Carroll <czjaso@amazon.com>
|
| |
|
|
|
| |
* Updated kernel submodule pointer to kernel V10.4.4 release
* Updated manifest.yml
|
| |
|
|
|
|
|
| |
* Updating device shadow to latest commit
* updating jobs pointer
* Updating device-defender pointer
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add uncrustify github workflow
* Fix exclusion pattern
* fix find expression
* exclude uncrustify files
* Uncrustify common demo and test files
* exlude white space checking files
* Fix EOL whitespace checker
* Remove whitespaces from EOL
* Fix space at EOL
* Fix find spaces at EOL
Co-authored-by: Archit Aggarwal <architag@amazon.com>
|
| | |
|
| |
|
|
|
| |
Update instructions to use repositories instead of directories.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
|
| |
|
| |
Update mbedTLS submodule to v2.26.0 and update History.txt
|
| | |
|
| | |
|
| |
|
|
|
| |
Since `mbedtls_error.c` is already part of the mbedTLS submodule, the duplicate files are removed from this repository.
Co-authored-by: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Issue
The existing clock discipline algorithm in the coreSNTP demo yields an inaccurate wall-clock time (in UTC) that is always behind the astronomical UTC time by the chosen polling interval period of the demo. The issue with the clock discipline algorithm was that it was calculating the slew rate to make the system clock be gradually compensated for the previous time synchronization clock drift over the period of the subsequent polling time interval. Thereby, the clock slew rate correction calculated is always lower than it should be (because it does not incorporate possible clock drift that would occur over another period of time polling interval till the next time synchronization attempt).
Fix
This PR fixes the clock discipline algorithm to make the demo calculate its system time that matches the astronomical UTC time.
The fix involves simplifying the clock discipline algorithm to use a combination of step and slew correction approaches where:
1. Step correction is applied on EVERY time successful synchronization with a time server. This immediately corrects the system time to match server time.
2. Slew rate is calculated ONCE (on the second successful time synchronization with server) and applied henceforth, on every time polling interval period to compensate gradually for the system clock drift during the period.
|
| |
|
| |
* PKCS11 fix
|
| |
|
|
|
| |
* Update BSP and SDK for HiFive board
This commit also adds demo start and success/failure output messages.
|
| |
|
|
|
|
| |
This PR makes the following changes in the coreSNTP demo:
To suggest the most secure way of using SNTP communication, we are adding a documentation note about the Network Time Security in the SNTP demo.
Hygiene update of using the FreeRTOS/backoffAlgorithm utility library for calculating time polling period interval backoff when time requests are rejected by a time server.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Issue
There is a possible vulnerability of Denial of Service attack by keeping the UDP socket for the SNTP client task always open in the coreSNTP demo. The Denial of Service attack can occur from receiving multiple server response (duplicated or malicious) for a single SNTP time request sent by the client, and thereby, filing the socket network buffer response packets that affect future time requests.
Solution
This PR fixes this vulnerability by updating the demo to keep a UDP socket open only for the time period of waiting for server response, closing the socket on either receiving a server response or experiencing server timeout, and re-creating a UDP socket for the next polling try. This PR also adds another security functionality using a random port for UDP socket to protect against spoofing attacks from "off-network path" attackers.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved submodule to backoff v1.0.1
* move corehttp module to latest commit
* move coremqtt module to latest commit
* move coremqtt Agent module to latest commit
* move coreSNTP Agent module to latest commit
* move coreJSON Agent module to latest commit
* move corePKCS11 Agent module to latest commit
* Reverting coreHttp to previous commit
* Updating coreHttp pointer after fix
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix code to match comment; idle prioriry task should not block to yield, as then it will hardly run at all (bug affects SMP tests)
* Add RP2040 Demo - can be used for 'main' or 'smp' branch of FreeRTOS_Kernel
* move to latest main/ of FreeRTOS-Kernel
* move RP2040 demos into Community-Supported
* Update whitespace issue
Co-authored-by: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com>
* Add SMP to lexicon
Co-authored-by: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com>
|
| |
|
|
|
|
| |
This is needed because FreeRTOS heap is now placed in the privileged
data section.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
|
| |
|
|
| |
use named shadow (#636)
|
| |
|
|
|
|
|
|
|
|
|
| |
* Partner demo changes
* Adding template folder
* readme addition to partner supported folder
* updating license
Co-authored-by: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
* Fix data copy address error
Co-authored-by: Jinping Wu <jinping.wu@verisilicon.com>
|
| |
|
|
|
|
|
|
|
| |
Update the coreSNTP submodule to the latest commit. Also, make updates to the coreSNTP demo for the new changes in the SNTP library which include the following:
1. Update to the type for packet size from size_t to uint16_t for parameters in the transport and authentication interfaces.
2. Change in the call to Sntp_SendTimeRequest API to pass the new blockTimeMs parameter added to the API.
3. Update to the clock-offfset type from int32_t to int64_t for representing information in milliseconds. To accommodate this update in the SntpSetTime_t interface, the mathematical model for representing system clock has been updated to store slew rate as milliseconds/second (instead of second/second). This change improves the accuracy of the WinSim demo time correction (because the milliseconds of time difference between server and client time is corrected over the entire polling interval which makes a significant difference!).
This PR also adds demo config macros for setting the block time values passed to the Sntp_SendTimeRequest and Sntp_ReceiveTimeResponse APIs.
|
| |
|
|
|
| |
Co-authored-by: Victor <vfernandez@maccorobotics.com>
Co-authored-by: Paul Bartell <pbartell@amazon.com>
Co-authored-by: Shivangi <66447522+gshvang@users.noreply.github.com>
|
| | |
|
| |
|
| |
Adds two new submodules for community and partner supported ports demos.
|
| |
|
|
|
|
|
|
| |
Update the coreSNTP demo to showcase use of symmetric key algorithm of authentication scheme for securing SNTP communication between client and server.
The demo uses the AES-128-CMAC algorithm for the generating Message Authentication Code for the client on sending the SNTP time request to server as well as validating the server response received by verifying if the payload present authentication code can be generated. Use of an authentication mechanism in SNTP communication protects against server spoofing attacks as well as man-in-the-middle attacks of server response modification.
The demo uses corePKCS11 library for the AES-CMAC operations. Also, the demo adds functionality of generating random number, using corePKCS11, for sending as a parameter to the Sntp_SendTimeRequest API.
Note: For symmetric key based security mechanism to be protective against malicious, it is IMPORTANT to securely pre-share the symmetric key between client and server.
|
| |
|
|
|
|
|
| |
(#621)
Add the FreeRTOS/coreSNTP library as a submodule (along with manifest.yaml file update) and add a demo project to showcase use of the coreSNTP library for having a SNTP client daemon in the system for periodically synchronizing system time with the internet to maintain Coordinated Univeral Time (UTC) in a device. This demo maintains UTC time of system in RAM, thereby, representing systems without a Real-Time Clock (RTC) module in the device.
Note: This demo shows use of coreSNTP library for SNTP communication with NTP/SNTP time servers in non-authenticated mode (i.e. without any security mechanism payload beyond the standard 48 bytes of NTP packet exchange between client-server).
|
| | |
|
| |
|
|
|
| |
This commit is paired with another to queue.c in the kernel. To
accomodate changes in newer versions of CBMC, the
--pointer-overflow-check is removed.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.4 to 1.26.5.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.4...1.26.5)
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| | |
|
| |
|
| |
Add support for setting the main branch version number in task.h from within the github auto release workflow.
|
| | |
|
