Updating Mbed TLS to v3.6.4 resulted in some
redundant declarations warnings (treated as errors)
in some of its libraries. Hence, the changes in
`components/security/mbedtls/integration/CMakeLists.txt`

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

The goal of this commit is to update
ML-Embedded-Evaluation-Kit library to
version 25.05 which includes switching
to CMSIS6 from CMSIS5.

Signed-off-by: Daniel Velez <daniel.velez@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

The link in the comment has been changed. Hence,
Updating the comment with the new link.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

default-jdk is already installed as part of
the internal CI Docker image. Hence, there is
no need to reinstall it in .gitlab-ci.yml

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* github-ci: Add DCO sign-off enforcement workflow

Introduce a `dco-check` job in
`.github/workflows/ci.yml`
that runs on pull request events. The job loops over
every commit in `origin/main..HEAD` and fails immediately
if any commit lacks a properly formatted

    Signed-off-by: <Name> <email>

footer, ensuring full compliance with our Developer
Certificate of Origin (DCO) policy.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* docs: Redirect TF-M links to Read the Docs URLs

Trusted Firmware-M has moved its public documentation
from `tf-m-user-guide.trustedfirmware.org/` to
`trustedfirmware-m.readthedocs.io`. Hence, switching to
the new domain.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* docs: Add the missing development environment requirements

Some of the newly added dependencies are missing in the
development environment requirements document. Hence, adding
these new dependencies.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

---------

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

GitLab-Runners greater or equal to 16.6 now materialises
all file-types (e.g. CI/CD variables) in a directory that lives
next to $CI_PROJECT_DIR and ends in .tmp instead of using
/tmp as it did before. Hence, exclude all files in the new
`.tmp` folder from license check.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

`--list` option is set implicitly to '${executable_target}.map' in
CMake versions < 4.x.x, hence it's only added explicitly in case
of CMake versions > 4.0.0.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

Signed-off-by: Archit Gupta <archigup@amazon.com>

* freertos-kernel: Bump to v11.2.0 release

extern "C" is added to FreeRTOSConfig.h header
as previously in FreeRTOS-Kernel v11.1.0, the
extern "C" was added in the FreeRTOS.h header
before including FreeRTOSConfig.h header thus,
the configuration file implicitly had the
extern "C". However, the extern "C" in FreeRTOS.h
has been moved to be after the headers inclusion.
Hence, explicitly adding extern "C" that is needed
by CPP files to FreeRTOSConfig.h

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* mbedtls: Bump to v3.6.3 release

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* tf-m: Bump to v2.2.0 release

This commit includes the following changes:

- Install the needed python packages by TF-M v2.2.0
in the Docker image used by the development environment
and in GitHub workflow.

- Remove the ARMClang toolchain MVE patch as it's
part of TF-M v2.2.0 release.

- Add MPS4 dummy ROTPK provisioning patch because of
the defect mentioned in the patch file description field.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* docs: Fix expected output for applications

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* devcontainer: Add some fixes and updates

This commit adds the following:

* Add the needed python packages for the
GDB debugger to work.

* Update the GUI option to match the one
in `tools/scripts/run.sh`.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

---------

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

Using `--map` linker option only will output
the map file contents on the terminal without
creating a new file, adding the `--list` option
which outputs these information to a file.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* toolchains: Add recommended toolchain flags

Recommended toolchain flags are added to both
GNU and ARMClang toolchains.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* formatting: Update the job to run on Ubuntu 22.04

Ubuntu 20.04 LTS runner will be removed mid April
2025. Hence, updating to use Ubuntu 22.04.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

---------

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

`DISPLAY` is a well-known system-wide
variable used in Linux for GUI applications.
Overwriting it in the script could lead to
unintended side effects, especially when launching
graphical applications. Renaming it to HDLCD_GUI to
avoid such conflicts.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@.arm.com>

Ml-Embedded-Evaluation-kit GitLab repos
are now live and public. Hence switching to
using them.

Changes done in this commit:

* Update the submodule for MLEK to use the public GitLab instance.
* Update the docs to refer to the public MLEK GitLab instance.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

The current version of setuptools (59.6.0)
is too old to meet the requirements of the
packages installed during the pre-commit stage.
To avoid conflicts with system packages, a
virtual environment was used to do so.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

The image version using the following naming:
major.minor.patch.build

Patch actually is the image header's revision.

Signed-off-by: Dávid Házi <david.hazi@arm.com>

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

The TF-M toolchain adds a __ARM_ARCH_8_1M_MAIN__ define which caused a
build error in arm_2d. It is fixed in the new release.

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

The application is built similarly to blinky. The update image
generation is unchanged. The mbedtls config file needs the DOMAIN_NS
check because S and NS clients are not separated. The minimal config
is added for S clients.

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

Blinky application with the seperately build TF-M and the new toolchain.
The cmake files exported by TF-M set up the NS interface. The default
TF-M signing is used and the resulting images are merged by FRI.

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

Removed the previous toolchain dependency and the NS toolchain exported
by TF-M is used instead. The cross compilation flags are set up by
this toolchain file (e.g. -mcpu). The compilation options are set by
FRI, these options are the previously used options from the removed
toolchain and the options used in TF-M merged.

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

TF-M is built in build.sh and the configuration parameters are passed
for the build in an initial cache script. The TfmInitialCache.cmake
is only added for the blinky application in this commit. After TF-M is
built, the artifacts to be used during the NS build are exported in the
api_ns folder.

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>

* ota-orchestrator: Add multiple enhancements and fixes

* Do not suspend OTA agent after successful update.

* vOtaNotActiveHook() should be called whenever there
are no OTA jobs available.

* Use LogDebug and LogError instead of LogInfo to
follow the previous ota-for-embedded-iot-sdk library
implementation (avoiding new issues).

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* mqtt-agent: Increase MQTT Agent keep alive interval

The `MQTT_AGENT_KEEP_ALIVE_INTERVAL_SECONDS` is increased
to 100 as in case of using SOFTWARE inference with speech
recognition application the connection is dropped before
the ML Inference is done as the software inference is generally
much slower compared to the Ethos NPU. This connection drop
cause the ML inference to have wrong results as the task
is interrupted. Hence, increasing the keep alive interval
to avoid the connection drop.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* github-upload-artifact: Upgrade the deprecated version

actions/upload-artifact v3 is now deprecated and cannot
be used anymore. Hence, updating to v4.

`strategy.job-index` is post-fixed to the artifact
name to overcome the known issue of upload-artifact v4
not allowing multiple artifacts with the same name on
the workflow run.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

---------

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
Co-authored-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

* sign-tfm-image: Refactor the CMake Module

The `SignTfmImage.cmake` module is refactored to
to accept an input binary name and an input signing
layout file.

These modifications are going to be used to sign the
non_secure and the ML Model images separately which
is essential to add the ML Model component OTA update
feature.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* fvp-options: Remove `--fast` option

`--fast` FVP NPU option is removed as it's not
completely supported by all platforms.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* cs-300: Extract the ML model to a separate binary

Eventually, we want the MCUBoot (and the rest of TF-M) to handle the ML
model in the same way as other components. To achieve that, the ML model
component will be kept in flash during boot, for the MCUBoot to validate
the image, and perform the swap operation if needed.

Since the Ethos NPU doesn't have access to flash, the model will be
copied back to DDR at runtime. This is why the model is still kept in
the DDR memory region in the linker script.

Patches for the trusted_firmware-m component:
- Add support for the third image for cs-300 platform.
- Configure the signing layout for the ML model, and reuse the NS key.
- Add a modified flash map for the cs-300, for the MCUBoot to handle the
third image. This is based on the default flash layout used before.

Signed-off-by: Filip Jagodzinski <filip.jagodzinski@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* cs-310: Extract the ML model to a separate binary

Eventually, we want the MCUBoot (and the rest of TF-M) to handle the ML
model in the same way as other components. To achieve that, the ML model
component will be kept in flash during boot, for the MCUBoot to validate
the image, and perform the swap operation if needed.

Since the Ethos NPU doesn't have access to flash, the model will be
copied back to DDR at runtime. This is why the model is still kept in
the DDR memory region in the linker script.

Patches for the trusted_firmware-m component:
- Add support for the third image for cs-310 platform.
- Configure the signing layout for the ML model, and reuse the NS key.
- Add a modified flash map for the cs-310, for the MCUBoot to handle the
third image. This is based on the default flash layout used before.

Signed-off-by: Filip Jagodzinski <filip.jagodzinski@arm.com>
Signed-off-by: default avatarAhmed Ismail <Ahmed.Ismail@arm.com>

* mps4: Extract the ML model to a separate binary

Eventually, we want the MCUBoot (and the rest of TF-M) to handle the ML
model in the same way as other components. To achieve that, the ML model
component will be kept in flash during boot, for the MCUBoot to validate
the image, and perform the swap operation if needed.

Since the Ethos NPU doesn't have access to flash, the model will be
copied back to DDR at runtime. This is why the model is still kept in
the DDR memory region in the linker script.

Patches for the trusted_firmware-m component:
- Add support for the third image for mps4 platforms.
- Configure the signing layout for the ML model, and reuse the NS key.
- Add a modified flash map for the mps4 platforms, for the MCUBoot to
handle the third image. This is based on the default flash layout
used before.

These changes applies to both:
* Corstone-315 Platform.
* Corstone-320 Platform.

Signed-off-by: Filip Jagodzinski <filip.jagodzinski@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* keyword: Extract the ML model as a TF-M component

keyword-detection example:
- Configure the MCUBoot to work with 3 components instead of 2.
- Configure the MCUBoot to use a non-default flash map.
- Set the ML model image version.
- Sign the ML model image using the same key as the NS image.
- Generate an update signature for the ML model image.
- At the ML task init, add a new step, where the ML model is copied from
flash to DDR.
- Update the merge images CMake function in TF-M integration
layer to handle the third component (the ML model image).
- Update the extract_sections_from_axf CMake function.

Patches for the freertos_ota_pal_psa component:
- Add the ML model file path.
- Stop using a global variable to store the NS image version.
- Fix the GetImageVersionPSA to return the version to an output param
for any given component (rather than update the global var).

Patches for the ml_embedded_evaluation_kit component:
- Override EthosU55 NPU default IRQ handler to avoid modifying the
vector table in run-time which alter the non-secure image result in
MCUBoot validation failure.

Additions for the OTA Orchestrator:
- Stop using a global variable to store the NS image version.
- Replace all the uses of the appFirmwareVersion global var with the
appropriate call to the new image version getter.

Signed-off-by: Filip Jagodzinski <filip.jagodzinski@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* ml-update-demo: Update from a faulty model to a working one

Add a modified tflite file that produces no inference results
at runtime. This file can be used to build an application that
is fully functional, but the ML inference is unsuccessful in
detecting any keyword. Applying an OTA ML model update in this
state is very visible since the updated model does work as
expected (detects keywords from audio samples).

Signed-off-by: Filip Jagodzinski <filip.jagodzinski@arm.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* freertos-integration-tests: Remove OTA update dependencies

Since we don't run OTA tests as part of the intgeration tests
anymore, we don't need to sign the update binary and there
is no need to upload the update binary to AWS.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

* ci: Add keyword-detection ML Model update nightly test

Add a new nightly test to verify the ML model OTA update,
this is done for Keyword-Detection application compiled with
GNU toolchain only as this is the currently supported combination.
This nightly test runs on all the Corstone platforms.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

---------

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
Signed-off-by: Filip Jagodzinski <filip.jagodzinski@arm.com>
Signed-off-by: default avatarAhmed Ismail <Ahmed.Ismail@arm.com>
Co-authored-by: Filip Jagodzinski <filip.jagodzinski@arm.com>

Ahmed Ismail authored Jan 23, 2025 and Devaraj Ranganna committed Jan 28, 2025

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

Ahmed Ismail authored Jan 20, 2025 and Devaraj Ranganna committed Jan 28, 2025

As a result of updating from Ubuntu v20.04 to v22.04,
the following changes had to be made:

* The default `setuptools_scm` v8.x requires that
`setuptools` package has a version higher than 61.
Hence, updating the minimum required `setuptools`
version.

* The `license_file` is now deprecated and `license_files`
option should be used instead.

* The way CI-env-private installs `uncrustify` has been changed
where it introduced a known issue in the `uncrustify` tool so a
workaround has been applied to overcome the issue.

Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>

Chuyue Luo authored Jan 09, 2025 and Devaraj Ranganna committed Jan 13, 2025

The OTA Agent should not shut down after rebooting, since there may be
further OTA updates sent.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

Chuyue Luo authored Dec 20, 2024 and Devaraj Ranganna committed Jan 13, 2025

The OTA orchestrator now checks if the updated firmware version is
higher than the previous firmware version.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

Chuyue Luo authored Dec 20, 2024 and Devaraj Ranganna committed Jan 13, 2025

An OTA image should be accepted only if the update version is higher
than the current firmware version. This commit adds an out-of-tree patch
to the Jobs-for-AWS-IoT-embedded-sdk library which adds functionality
for sending the updatedBy version to the cloud and retrieving it when
the device reboots.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

Chuyue Luo authored Dec 17, 2024 and Devaraj Ranganna committed Jan 13, 2025

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

With latest FreeRTOS TCP/IP stack, due to a timing issue, most of the
MQTT tests fail on FVP, because of connection reset. Therefore,
increase the MQTT keep alive timeout `MQTT_KEEP_ALIVE_INTERVAL_SECONDS`
from `60` to `300` seconds.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

With latest FreeRTOS TCP/IP stack, due to a timing issue, most of the
MQTT tests fail on FVP, because of TCP keep alive timeout. Therefore,
increase the TCP keep alive timeout `ipconfigTCP_KEEP_ALIVE_INTERVAL`
from `20` to `300` seconds.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

Due to incorrect order to libraries during linking stage, which was
caused by `coremqtt-config` interface linking to `helpers-logging` build
was failing. Therefore, move the logging macros definition from `.h` to
`.c`.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

Printing out the FVP version facilitates troubleshooting
and helps verify the results of FVP updates.

Signed-off-by: Dávid Házi <david.hazi@arm.com>

* components: Remove ota_for_aws_iot_embedded_sdk

Remove the ota_for_aws_iot_embedded_sdk component, as we will be
replacing it with the new modular OTA.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* applications: Add C Runtime Helpers

Add a crt-helpers/ directory within applicatons/helpers. Within this
directory, add a custom implementation of `strnlen` (based on TF-M's
`tfm_strnlen` implementation). This is required because the Arm Compiler
for Embedded (v6.21) does not support `strnlen`.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* components: Add Jobs-for-AWS-IoT-embedded-sdk component

Add the Jobs-for-AWS-IoT-embedded-sdk repository as a submodule. This
library is used to interact with AWS IoT Jobs (remote operations that
are sent to and executed on devices connected to AWS IoT). It is one of
the two libraries that must be integrated to allow the new modular OTA
to be used - second library (aws-iot-core-mqtt-file-streams-embedded-c)
is integrated in a later commit.

In addition, the required integration CMake files to build the component
are added.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* components: Add patches for Jobs-for-AWS-IoT-embedded-sdk library

Two patches are added for the Jobs-for-AWS-IoT-embedded-sdk library:
- The Jobs library assumes the OTA job is signed using ECDSA. However,
we currently use RSA. Therefore, add a patch to change the check for an
ECDSA signature to a check for an RSA signature.
- The Jobs library contains calls to the `strnlen` function. However,
this function is not supported by the Arm Compiler for Embedded (v6.21).
Therefore, add a patch which replaces these calls with calls to our
custom implementation `app_strnlen`.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* components: Add aws-iot-core-mqtt-file-streams-embedded-c component

Add the aws-iot-core-mqtt-file-streams-embedded-c repository as a
submodule. This library allows files from a stream (an abstraction for
a list of files) to be transferred to an IoT device. It is the second of
the two libraries that must be integrated to allow the new modular OTA
to be used.

In addition, the required integration CMake files to build the component
are added.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* components: Add patch for MQTT File Streams library

The aws-iot-core-mqtt-file-streams-embedded-c library uses the `strnlen`
function, which is not supported by the Arm Compiler for Embedded
(v6.21). Therefore, add a patch which replaces the call to `strnlen`
with a call to our custom implementation `app_strnlen`.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* applications: Add MQTT File Downloader config for keyword detection

THe MQTT File Streams library allows a MQTTFileDownloader_config.h file
to be provided, which defines custom values for build configuration
macros. This commit adds a MQTTFileDownloader_config.h file for the
keyword detection example. This file defines the block size that should
be used when downloading the firmware image.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* components: Add patch for FreeRTOS OTA PAL PSA

Add a patch for FreeRTOS OTA PAL PSA to allow it to work with the new
modular OTA structure. This patch does the following:
- Update header includes to remove headers from the old
ota-for-aws-iot-embedded-sdk library, replace these with headers from
the new Jobs-for-AWS-IoT-embedded-sdk library
- Remove usage of data structures from ota-for-aws-iot-embedded-sdk
library, replace these with data structures from
Jobs-for-AWS-IoT-embedded-sdk library.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* ota: Add OTA orchestrator

Add an OTA orchestrator as a helper within the applications/ directory.
The OTA orchestrator uses functionality from the Jobs and MQTT File
Streaming libraries to enable OTA updates.

In addition, update the keyword detection CMakeLists.txt to allow this
example to use the new modular OTA.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* applications: New modular OTA for speech recognition example

Update speech recognition CMakeLists.txt and add
MQTTFileDownloader_config.h file to allow this example to use the new
modular OTA.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* applications: New modular OTA for object detection example

Update object detection CMakeLists.txt and add
MQTTFileDownloader_config.h file to allow this example to use the new
modular OTA.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

* applications: New modular OTA for FreeRTOS IoT Libraries Tests

Update FreeRTOS IoT Libraries Tests CMakeLists.txt and add
MQTTFileDownloader_config.h file to allow the tests to use the new
modular OTA.

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

---------

Signed-off-by: Chuyue Luo <Chuyue.Luo@arm.com>

Increase/decrease the CI runner resources based on the job
requirements.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>

Remove the upstreamed out-of-tree patch
`0001-Do-not-define-__PASTE-macro-for-Arm-compiler.patch` and update to
latest version of corePKCS11 library.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>