AliOS Things Linux Edition v1.3.0 Release Note

Release Date: 2019.04

Release Version: 1.3.0

Abstract

AliOS Things Linux Edition release 1.3.0 has new features added as follows:

Kernel

Kernel updated to 4.9.155 and additional kernel security patches are applied to evade potential security issues.

Security

• System
  Update several software packages and similarly, security patches are also applied. CVE patches list:
  CVE-2017-1000158 CVE-2017-18207 CVE-2018-1060 CVE-2018-1061
  CVE-2017-11671 CVE-2018-6797 CVE-2018-12015 CVE-2018-6913
  CVE-2017-12883 CVE-2017-12837 CVE-2018-6798 CVE-2017-6519
  CVE-2018-6942 CVE-2018-7738 CVE-2017-7375 CVE-2018-9251
  CVE-2018-14567 CVE-2017-18258 CVE-2017-7376 CVE-2017-5130
  CVE-2016-9318 CVE-2017-16932 CVE-2018-14404 CVE-2017-3737
  CVE-2018-0732 CVE-2018-0739 CVE-2017-3735 CVE-2017-3736
  CVE-2017-3737 CVE-2017-3738 CVE-2018-0737 CVE-2017-15906
  CVE-2017-6888 CVE-2017-12562 CVE-2018-13139 CVE-2017-14245
  CVE-2017-14246 CVE-2017-14634 CVE-2017-17456 CVE-2017-17457
  CVE-2018-19661 CVE-2018-19662 CVE-2017-17484 CVE-2017-14952
  CVE-2018-11236 CVE-2017-18269 CVE-2018-1000001 CVE-2018-6551
  CVE-2018-11237 CVE-2018-6485 CVE-2017-16544 CVE-2017-15873
  CVE-2017-0553 CVE-2016-6252

• Secure storage
  Secure storage, in the form of a library, is available for protecting sensitive data. Applications can access secure storage through APIs in libsecstore.h. Each application, running as an unique user, can have it's own secure storage. To use secure storage, add inherit secstore in the application's recipe. Examples are given in libsecstore/secstore-test_1.0.bb.

Virtualization

• uContainer
  uContainer is an ultra light weight IoT container tool, with footprint as small as 100k and quite little memory usage, can run on resource constrained IoT devices.
  • Isolate filesystem, network and PIDs
  • Support OCI bundle
  • Support docker images
  • Support downloading images from docker registry
  • Limit CPU and memory usage of application running in containers

Middlewares

• OpenVINO
  Support OpenVINO based on Intel corei7-x86 esdk

• Aliyun IoT Linkkit C-SDK
  Update to C-SDK 3.0.1, release note.

• OTA
  Upgrade to use MbedTLS 2.16

Development

• eSDK
  Support four types of eSDK, based on raspberrypi 3b, Intel corei7-x86, qemuarm and qemux-86

Hardware

New hardware platforms supported

• MediaTek
  • SeeedStudio LinkitSmart MT7688 (Mediatek MT7688AN chipset with MIPS24KEc core)
    • Linux kernel with OpenWRT patches
    • Flashing via MT7688 u-boot
    • JFFS2 filesystem image
    • OpenWRT backported WiFi drivers and MT76 driver compiled out-of-tree