Add lots more membrowse platforms

.github/scripts/zephyr-4.x/zephyr-test.sh

@@ -112,6 +112,9 @@ LOG_DIR="${SCRIPT_DIR}/logs"
 mkdir -p "${LOG_DIR}"
 TIMESTAMP=$(date +%Y%m%d_%H%M%S)
 LOG_FILE="${LOG_DIR}/${BOARD_SLUG}_${TIMESTAMP}.log"
+ARTIFACTS_DIR="${SCRIPT_DIR}/artifacts/${BOARD_SLUG}-${SAMPLE_NAME}"
+mkdir -p "${ARTIFACTS_DIR}"
+chmod 0755 "${ARTIFACTS_DIR}"
 
 echo "==> wolfSSL repo:   ${WOLFSSL_REPO}"
 echo "==> wolfSSL branch: ${WOLFSSL_BRANCH}"
@@ -256,6 +259,19 @@ else
     echo ""
     echo "==> [container] Build succeeded!"
 
+    # Stage Membrowse-relevant artifacts on the host-mounted volume.
+    # /artifacts is bind-mounted by the host wrapper; if it isn't writable
+    # (e.g. interactive runs without the mount), skip silently.
+    if [[ -d /artifacts && -w /artifacts ]]; then
+        BUILD_OUT="${WORKDIR}/zephyrproject/build/zephyr"
+        if [[ -f "${BUILD_OUT}/zephyr.elf" ]]; then
+            cp "${BUILD_OUT}/zephyr.elf" /artifacts/zephyr.elf
+        fi
+        if [[ -f "${BUILD_OUT}/linker.cmd" ]]; then
+            cp "${BUILD_OUT}/linker.cmd" /artifacts/linker.cmd
+        fi
+    fi
+
     # Run the app for emulator targets and watch for completion
     case "${BOARD_TARGET}" in
         native_sim*|qemu_*)
@@ -342,6 +358,7 @@ docker rm -f "${CONTAINER_NAME}" 2>/dev/null || true
 DOCKER_ARGS=(
     --name "${CONTAINER_NAME}"
     --rm
+    -v "${ARTIFACTS_DIR}:/artifacts"
 )
 
 if [[ "$INTERACTIVE" == "1" ]]; then

.github/workflows/membrowse-onboard.yml

@@ -26,7 +26,7 @@ jobs:
   onboard:
     needs: load-targets
     runs-on: ubuntu-24.04
-    timeout-minutes: 10
+    timeout-minutes: 30
     strategy:
       fail-fast: false
       matrix:
@@ -43,6 +43,7 @@ jobs:
         uses: ./.github/actions/install-apt-deps
         with:
           packages: ${{ matrix.apt_packages }}
+          cache: ${{ matrix.apt_cache || 'true' }}
 
       - name: Run Membrowse Onboard Action
         uses: membrowse/membrowse-action/onboard-action@v1

.github/workflows/membrowse-report.yml

@@ -27,7 +27,7 @@ jobs:
   analyze:
     needs: load-targets
     runs-on: ubuntu-24.04
-    timeout-minutes: 10
+    timeout-minutes: 30
     strategy:
       fail-fast: false
       matrix:
@@ -44,6 +44,7 @@ jobs:
         uses: ./.github/actions/install-apt-deps
         with:
           packages: ${{ matrix.apt_packages }}
+          cache: ${{ matrix.apt_cache || 'true' }}
 
       - name: Build firmware
         run: ${{ matrix.build_cmd }}
@@ -59,4 +60,3 @@ jobs:
           api_key: ${{ secrets.MEMBROWSE_API_KEY }}
           api_url: ${{ vars.MEMBROWSE_API_URL }}
           verbose: INFO
-

.github/workflows/membrowse-zephyr.yml

@@ -0,0 +1,69 @@
+name: Membrowse Zephyr Report
+
+# Triggered after the heavy Zephyr 4.x test workflow completes. Pulls the
+# pre-built zephyr.elf and linker.cmd artifacts staged by zephyr-test.sh and
+# feeds them to the Membrowse memory-tracking service. This avoids
+# duplicating the (slow) Zephyr build inside the Membrowse matrix.
+
+on:
+  workflow_run:
+    workflows: [Zephyr 4.x tests]
+    types:
+      - completed
+
+jobs:
+  analyze:
+    runs-on: ubuntu-24.04
+    if: >
+      github.event.workflow_run.conclusion == 'success' &&
+      github.repository_owner == 'wolfssl'
+    permissions:
+      contents: read
+      actions: read
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - target_name: zephyr-native_sim
+            artifact: membrowse-zephyr-native_sim
+          - target_name: zephyr-frdm_rw612
+            artifact: membrowse-zephyr-frdm_rw612
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+
+      - name: Download Zephyr build artifact
+        id: download
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ matrix.artifact }}
+          path: zephyr-artifacts/${{ matrix.target_name }}
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+        continue-on-error: true
+
+      - name: Verify artifact present
+        id: verify
+        run: |
+          ELF="zephyr-artifacts/${{ matrix.target_name }}/zephyr.elf"
+          LD="zephyr-artifacts/${{ matrix.target_name }}/linker.cmd"
+          if [[ -f "$ELF" && -f "$LD" ]]; then
+            echo "have_artifacts=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "have_artifacts=false" >> "$GITHUB_OUTPUT"
+            echo "::warning::Membrowse artifact for ${{ matrix.target_name }} not found; the matching cell of zephyr-4.x.yml may have been skipped or excluded."
+          fi
+
+      - name: Run Membrowse PR Action
+        if: steps.verify.outputs.have_artifacts == 'true'
+        uses: membrowse/membrowse-action@v1
+        with:
+          target_name: ${{ matrix.target_name }}
+          elf: zephyr-artifacts/${{ matrix.target_name }}/zephyr.elf
+          ld: zephyr-artifacts/${{ matrix.target_name }}/linker.cmd
+          linker_vars: ""
+          api_key: ${{ secrets.MEMBROWSE_API_KEY }}
+          api_url: ${{ vars.MEMBROWSE_API_URL }}
+          verbose: INFO

.github/workflows/zephyr-4.x.yml

@@ -78,3 +78,21 @@ jobs:
           path: .github/scripts/zephyr-4.x/logs/
           retention-days: 5
           if-no-files-found: ignore
+
+      # Stage Membrowse artifacts only for the cells we want to track on the
+      # Membrowse dashboard. Keep this tight to avoid duplicate target_name
+      # entries on the dashboard and unnecessary artifact uploads.
+      - name: Upload Membrowse artifacts (selected cells only)
+        if: >
+          success() &&
+          matrix.zephyr-ref == 'v4.3.0' &&
+          matrix.sample == 'wolfssl_test' &&
+          matrix.extra-conf == ''
+        uses: actions/upload-artifact@v4
+        with:
+          name: membrowse-zephyr-${{ matrix.board == 'native_sim' && 'native_sim' || 'frdm_rw612' }}
+          path: |
+            .github/scripts/zephyr-4.x/artifacts/${{ matrix.board == 'native_sim' && 'native_sim' || 'frdm_rw612-rw612' }}-wolfssl_test/zephyr.elf
+            .github/scripts/zephyr-4.x/artifacts/${{ matrix.board == 'native_sim' && 'native_sim' || 'frdm_rw612-rw612' }}-wolfssl_test/linker.cmd
+          if-no-files-found: warn
+          retention-days: 1

IDE/GCC-ARM/Header/user_settings.h

@@ -469,10 +469,10 @@ extern "C" {
 /* Override Current Time */
 /* Allows custom "custom_time()" function to be used for benchmark */
 #define WOLFSSL_USER_CURRTIME
-#define WOLFSSL_GMTIME
+#define TIME_OVERRIDES
 #define USER_TICKS
-extern unsigned long my_time(unsigned long* timer);
 #define XTIME my_time
+#define XGMTIME my_gmtime
 
 
 /* ------------------------------------------------------------------------- */
@@ -656,4 +656,3 @@ extern unsigned int my_rng_seed_gen(void);
 #endif
 
 #endif /* WOLFSSL_USER_SETTINGS_H */
-

IDE/GCC-ARM/Makefile.common

@@ -89,6 +89,8 @@ SRC_C += ../../src/sniffer.c
 SRC_C += ../../src/ssl.c
 SRC_C += ../../src/tls.c
 SRC_C += ../../src/tls13.c
+SRC_C += ../../src/dtls.c
+SRC_C += ../../src/dtls13.c
 SRC_C += ../../src/wolfio.c
 
 # wolfCrypt Core (FIPS)
@@ -181,10 +183,13 @@ endif
 SRC_C += ../../wolfcrypt/src/arc4.c
 SRC_C += ../../wolfcrypt/src/blake2b.c
 SRC_C += ../../wolfcrypt/src/camellia.c
+SRC_C += ../../wolfcrypt/src/dilithium.c
 SRC_C += ../../wolfcrypt/src/dsa.c
 SRC_C += ../../wolfcrypt/src/md2.c
 SRC_C += ../../wolfcrypt/src/md4.c
 SRC_C += ../../wolfcrypt/src/ripemd.c
+SRC_C += ../../wolfcrypt/src/wc_mlkem.c
+SRC_C += ../../wolfcrypt/src/wc_mlkem_poly.c
 
 
 FILENAMES_C = $(notdir $(SRC_C))

IDE/GCC-ARM/Source/wolf_main.c

@@ -27,6 +27,9 @@
 #include <stdio.h>
 #include <stdarg.h>
 #include <string.h>
+#ifdef NO_ASN_TIME
+    #include <time.h>
+#endif
 
 
 /* TIME CODE */
@@ -37,21 +40,103 @@ static int hw_get_time_sec(void)
 {
     #warning Must implement your own time source if validating certificates
 
-	return ++gTimeMs;
+    return ++gTimeMs;
+}
+
+static int IsLeapYear(int year)
+{
+    return ((year % 4) == 0 && ((year % 100) != 0 || (year % 400) == 0));
 }
 
 /* This is used by wolfCrypt asn.c for cert time checking */
-unsigned long my_time(unsigned long* timer)
+time_t my_time(time_t* timer)
 {
-    (void)timer;
-    return hw_get_time_sec();
+    time_t curTime = (time_t)hw_get_time_sec();
+
+    if (timer != NULL) {
+        *timer = curTime;
+    }
+
+    return curTime;
+}
+
+struct tm* my_gmtime(const time_t* timer, struct tm* tmp)
+{
+    static struct tm staticTime;
+    static const unsigned char daysPerMonth[] =
+        { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
+    time_t curTime;
+    long days;
+    long rem;
+    int year;
+    int yearDays;
+    int month;
+    int monthDays;
+
+    if (tmp == NULL) {
+        tmp = &staticTime;
+    }
+
+    curTime = (timer != NULL) ? *timer : my_time(NULL);
+    if (curTime < 0) {
+        curTime = 0;
+    }
+
+    days = (long)(curTime / 86400);
+    rem = (long)(curTime % 86400);
+
+    tmp->tm_hour = (int)(rem / 3600);
+    rem %= 3600;
+    tmp->tm_min = (int)(rem / 60);
+    tmp->tm_sec = (int)(rem % 60);
+    tmp->tm_wday = (int)((days + 4) % 7);
+
+    year = 1970;
+    while (1) {
+        yearDays = IsLeapYear(year) ? 366 : 365;
+        if (days < yearDays) {
+            break;
+        }
+        days -= yearDays;
+        year++;
+    }
+
+    tmp->tm_year = year - 1900;
+    tmp->tm_yday = (int)days;
+
+    for (month = 0; month < 12; month++) {
+        monthDays = daysPerMonth[month];
+        if (month == 1 && IsLeapYear(year)) {
+            monthDays++;
+        }
+        if (days < monthDays) {
+            break;
+        }
+        days -= monthDays;
+    }
+
+    tmp->tm_mon = month;
+    tmp->tm_mday = (int)days + 1;
+    tmp->tm_isdst = 0;
+
+    return tmp;
 }
 
 #ifndef WOLFCRYPT_ONLY
 /* This is used by TLS only */
-unsigned int LowResTimer(void)
+word32 LowResTimer(void)
+{
+    return (word32)hw_get_time_sec();
+}
+
+/* This is used by TLS 1.3 ticket and PSK timeouts. */
+#ifdef WOLFSSL_32BIT_MILLI_TIME
+word32 TimeNowInMilliseconds(void)
+#else
+sword64 TimeNowInMilliseconds(void)
+#endif
 {
-    return hw_get_time_sec();
+    return (sword64)my_time(NULL) * 1000;
 }
 #endif
 

IDE/GCC-ARM/include.am

@@ -10,6 +10,7 @@ EXTRA_DIST+= IDE/GCC-ARM/Source/test_main.c
 EXTRA_DIST+= IDE/GCC-ARM/Source/tls_client.c
 EXTRA_DIST+= IDE/GCC-ARM/Source/tls_server.c
 EXTRA_DIST+= IDE/GCC-ARM/linker.ld
+EXTRA_DIST+= IDE/GCC-ARM/linker_large.ld
 EXTRA_DIST+= IDE/GCC-ARM/linker_fips.ld
 EXTRA_DIST+= IDE/GCC-ARM/Makefile
 EXTRA_DIST+= IDE/GCC-ARM/Makefile.bench

IDE/GCC-ARM/linker_large.ld

@@ -0,0 +1,30 @@
+MEMORY
+{
+  FLASH (wx) : ORIGIN = 0x00000000, LENGTH = 1024K
+  RAM   (wx) : ORIGIN = 0x20000000, LENGTH = 256K
+}
+
+SECTIONS
+{
+    __vectors_start__ = .;
+    .vectors : { *(.vectors) } > FLASH
+    __vectors_end__ = __vectors_start__ + 0x400;
+    .sys    : { *(.sys*) }    > FLASH
+    .text   : { *(.text*) }   > FLASH
+    .rodata : { *(.rodata*) } > FLASH
+
+    __data_load_start__ = .;
+    __data_start__ = .;
+    .data   : { *(.data*) }   > RAM
+    __data_end__ = __data_start__ + SIZEOF(.data);
+
+    __bss_start__ = .;
+    .bss    : { *(.bss*)  }   > RAM
+    __bss_end__   = __bss_start__ + SIZEOF(.bss);
+
+    __heap_start__ = .;
+    .heap   : { *(.heap*)  }   > RAM
+    __heap_end__ = __heap_start__ + SIZEOF(.heap);
+
+    end = .;
+}

examples/configs/user_settings_openssl_compat.h

@@ -51,6 +51,23 @@ extern "C" {
 #define HAVE_WOLFSSL_SSL_H
 #define OPENSSL_COMPATIBLE_DEFAULTS
 
+/* No-socket embedded builds still compile IP SAN helpers through OPENSSL_ALL.
+ * Provide local address-conversion stubs when the platform has no socket API. */
+#ifdef WOLFSSL_NO_SOCK
+    #ifndef WOLFSSL_IP4
+        #define WOLFSSL_IP4 2
+    #endif
+    #ifndef WOLFSSL_IP6
+        #define WOLFSSL_IP6 10
+    #endif
+    #ifndef XINET_PTON
+        #define XINET_PTON(a,b,c) 0
+    #endif
+    #ifndef XINET_NTOP
+        #define XINET_NTOP(a,b,c,d) NULL
+    #endif
+#endif
+
 /* Avoid old name conflicts */
 #define NO_OLD_RNGNAME
 #define NO_OLD_WC_NAMES