From 62f6f274a6df767ee41a0452be191d7c687c4e5c Mon Sep 17 00:00:00 2001 From: Devaraj Ranganna Date: Fri, 11 Oct 2024 09:02:39 +0000 Subject: [PATCH 01/12] provisioning: Include `FreeRTOS.h` While adding `prevent re-provisioning` feature, one of the added functions used `UBaseType_t` datatype which is defined in `FreeRTOS.h`, but didn't include the header. This was causing integration tests build failure. Signed-off-by: Devaraj Ranganna --- applications/helpers/provisioning/dev_mode_key_provisioning.h | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/helpers/provisioning/dev_mode_key_provisioning.h b/applications/helpers/provisioning/dev_mode_key_provisioning.h index ddacedd..61014f9 100644 --- a/applications/helpers/provisioning/dev_mode_key_provisioning.h +++ b/applications/helpers/provisioning/dev_mode_key_provisioning.h @@ -41,6 +41,7 @@ #ifndef _AWS_DEV_MODE_KEY_PROVISIONING_H_ #define _AWS_DEV_MODE_KEY_PROVISIONING_H_ +#include "FreeRTOS.h" #include "core_pkcs11_config.h" #include "core_pkcs11.h" #include "provisioning_data.h" From 5f985a560346e187e0602de64ef47731b7542b47 Mon Sep 17 00:00:00 2001 From: Devaraj Ranganna Date: Mon, 14 Oct 2024 11:20:40 +0000 Subject: [PATCH 02/12] provisioning: Always provision if PSA crypto implementation is MbedTLS When using Mbed TLS as the PSA crypto implementation on the non-secure side, the device private key is defined as volatile key since there is no filesystem support. Therefore, always provision the keys when using Mbed TLS as the PSA crypto implementation on the non-secure side. Signed-off-by: Devaraj Ranganna --- .../provisioning/dev_mode_key_provisioning.c | 64 ++++++++++++------- 1 file changed, 41 insertions(+), 23 deletions(-) diff --git a/applications/helpers/provisioning/dev_mode_key_provisioning.c b/applications/helpers/provisioning/dev_mode_key_provisioning.c index 43d4be0..a256ee1 100644 --- a/applications/helpers/provisioning/dev_mode_key_provisioning.c +++ b/applications/helpers/provisioning/dev_mode_key_provisioning.c @@ -1451,37 +1451,55 @@ int xOtaProvisionCodeSigningKey( psa_key_handle_t * pxKeyHandle, UBaseType_t uxIsDeviceProvisioned( void ) { - psa_status_t status = PSA_ERROR_GENERIC_ERROR; - const psa_storage_uid_t uid = FIRST_BOOT_ITS_UID; - uint8_t boot_pattern_in_its = 0; - size_t read_data_length = 0; + /* When using Mbed TLS as the PSA crypto implementation on the non-secure + * side, the device private key is defined as volatile key since there is + * no filesystem support. Therefore, always provision the keys when using + * Mbed TLS as the PSA crypto implementation on the non-secure side. + */ + #ifdef PSA_CRYPTO_IMPLEMENTATION_TFM + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + const psa_storage_uid_t uid = FIRST_BOOT_ITS_UID; + uint8_t boot_pattern_in_its = 0; + size_t read_data_length = 0; - status = psa_its_get( uid, 0, 1, &boot_pattern_in_its, - &read_data_length ); + status = psa_its_get( uid, 0, 1, &boot_pattern_in_its, + &read_data_length ); - if( status != PSA_SUCCESS ) - { - return 0; - } + if( status != PSA_SUCCESS ) + { + return 0; + } - if( boot_pattern_in_its == BOOT_PATTERN ) - { - return 1; - } - else - { + if( boot_pattern_in_its == BOOT_PATTERN ) + { + return 1; + } + else + { + return 0; + } + #else /* ifdef PSA_CRYPTO_IMPLEMENTATION_TFM */ return 0; - } + #endif /* ifdef PSA_CRYPTO_IMPLEMENTATION_TFM */ } psa_status_t xWriteDeviceProvisioned( void ) { - const psa_storage_uid_t uid = FIRST_BOOT_ITS_UID; - const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_WRITE_ONCE; - uint8_t first_boot_pattern = BOOT_PATTERN; - - /* Write the pattern to ITS */ - return psa_its_set( uid, 1, &first_boot_pattern, flags ); + /* When using Mbed TLS as the PSA crypto implementation on the non-secure + * side, the device private key is defined as volatile key since there is + * no filesystem support. Therefore, always provision the keys when using + * Mbed TLS as the PSA crypto implementation on the non-secure side. + */ + #ifdef PSA_CRYPTO_IMPLEMENTATION_TFM + const psa_storage_uid_t uid = FIRST_BOOT_ITS_UID; + const psa_storage_create_flags_t flags = PSA_STORAGE_FLAG_WRITE_ONCE; + uint8_t first_boot_pattern = BOOT_PATTERN; + + /* Write the pattern to ITS */ + return psa_its_set( uid, 1, &first_boot_pattern, flags ); + #else /* ifdef PSA_CRYPTO_IMPLEMENTATION_TFM */ + return PSA_SUCCESS; + #endif /* ifdef PSA_CRYPTO_IMPLEMENTATION_TFM */ } /*-----------------------------------------------------------*/ From a76bd32047abe3db89cb1a47408d0b42aa963054 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Thu, 3 Oct 2024 13:14:14 +0200 Subject: [PATCH 03/12] bsp: Update to v0.4.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák Signed-off-by: Ahmed Ismail --- bsp/library | 2 +- manifest.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bsp/library b/bsp/library index 29008bc..5320001 160000 --- a/bsp/library +++ b/bsp/library @@ -1 +1 @@ -Subproject commit 29008bc38f0c6e02431995253a2447071c301b63 +Subproject commit 53200013edb04d5873fe4928414159eb23dbfb8c diff --git a/manifest.yml b/manifest.yml index e56d245..e7b8776 100644 --- a/manifest.yml +++ b/manifest.yml @@ -16,7 +16,7 @@ dependencies: license: "Apache-2.0" tpip-category: "category-2" security-risk: "low" - version: "v0.3.0" + version: "v0.4.0" repository: type: "git" url: "https://git.gitlab.arm.com/iot/open-iot-sdk/arm-corstone-platform-bsp.git" From 1b4fde26fe3d3d5124f37d35f67d7d1dbf18aedc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Tue, 6 Aug 2024 11:33:00 +0200 Subject: [PATCH 04/12] bsp: Add Corstone-320 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- .gitlab-ci.yml | 99 ++++ .vscode/tasks.json | 3 +- .../blinky/tests/corstone320_pass_output.log | 8 + .../tests/corstone320_pass_output.log | 14 + .../tests/corstone320_pass_output.log | 10 + .../tests/corstone320_pass_output.log | 10 + bsp/CMakeLists.txt | 42 +- bsp/cmake/SetLinkerOptions.cmake | 2 + bsp/corstone320/corstone_320_ns.ld | 263 ++++++++++ bsp/corstone320/corstone_320_ns.sct | 85 +++ .../include/FreeRTOSConfig_target.h | 31 ++ bsp/corstone320/include/RTE_Components.h | 34 ++ bsp/corstone320/include/device_cfg.h | 276 ++++++++++ .../include/provisioning_config_target.h | 11 + ...-CMSIS-Driver-implementation-for-VSI.patch | 488 +++++++++++++++++- ...etupMlEmbeddedEvaluationKitLibraries.cmake | 9 +- .../freertos_plus_tcp/CMakeLists.txt | 3 +- components/freertos_kernel/CMakeLists.txt | 5 +- release_changes/202408061547.change | 1 + tools/scripts/build.sh | 18 +- tools/scripts/run.sh | 15 +- tools/tests/conftest.py | 2 +- 22 files changed, 1406 insertions(+), 23 deletions(-) create mode 100644 applications/blinky/tests/corstone320_pass_output.log create mode 100644 applications/keyword_detection/tests/corstone320_pass_output.log create mode 100644 applications/object_detection/tests/corstone320_pass_output.log create mode 100644 applications/speech_recognition/tests/corstone320_pass_output.log create mode 100644 bsp/corstone320/corstone_320_ns.ld create mode 100644 bsp/corstone320/corstone_320_ns.sct create mode 100644 bsp/corstone320/include/FreeRTOSConfig_target.h create mode 100644 bsp/corstone320/include/RTE_Components.h create mode 100644 bsp/corstone320/include/device_cfg.h create mode 100644 bsp/corstone320/include/provisioning_config_target.h create mode 100644 release_changes/202408061547.change diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9ca94a9..66c4ecd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -19,6 +19,8 @@ variables: # Those fragments contain base variables required by pipelines for applications. # They can be used to set matrix parameters and extended using << : .anchor syntax +.pipeline_config_corstone320: &pipeline_config_corstone320 + TARGET: [corstone320] .pipeline_config_corstone315: &pipeline_config_corstone315 TARGET: [corstone315] .pipeline_config_corstone310: &pipeline_config_corstone310 @@ -77,6 +79,26 @@ workflow: applications/${APP_UNDERSCORED}/configs/aws_configs fi +# Build Corstone320 applications which later are tested. +build-applications-corstone320: + stage: build + extends: .build_job + parallel: + matrix: + - + << : [*pipeline_config_corstone320, *pipeline_config_toolchain] + APP: [blinky, keyword-detection, speech-recognition, object-detection] + INFERENCE: [ETHOS] + AUDIO: [ROM] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] + artifacts: + paths: + - ${TARGET}_${APP}_${TOOLCHAIN}_${INFERENCE}_${AUDIO}_${CONN_STACK}_${PSA_CRYPTO_IMPLEMENTATION}_build.tar.gz + expire_in: 1 week + variables: + GIT_SUBMODULE_STRATEGY: recursive + # Build Corstone315 applications which later are tested. build-applications-corstone315: stage: build @@ -157,8 +179,13 @@ build-applications-corstone300: if [ $TARGET == "corstone315" ];then FVP_BIN=FVP_Corstone_SSE-315 fi + - | + if [ $TARGET == "corstone320" ];then + FVP_BIN=FVP_Corstone_SSE-320 + fi parallel: matrix: + - *pipeline_config_corstone320 - *pipeline_config_corstone315 - *pipeline_config_corstone310 - *pipeline_config_corstone300 @@ -168,6 +195,8 @@ build-applications-corstone300: test-blinky-output: extends: .test_job needs: + - job: build-applications-corstone320 + artifacts: true - job: build-applications-corstone315 artifacts: true - job: build-applications-corstone310 @@ -186,6 +215,13 @@ test-blinky-output: --fail-output-file "applications/${APP}/tests/fail_output.log" parallel: matrix: + - + << : [*pipeline_config_corstone320, *pipeline_config_toolchain] + APP: [blinky] + INFERENCE: [ETHOS] + AUDIO: [ROM] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] - << : [*pipeline_config_corstone315, *pipeline_config_toolchain] APP: [blinky] @@ -257,6 +293,8 @@ test-blinky-output: test-ml-applications-output: extends: .test-applications_base needs: + - job: build-applications-corstone320 + artifacts: true - job: build-applications-corstone315 artifacts: true - job: build-applications-corstone310 @@ -265,6 +303,14 @@ test-ml-applications-output: artifacts: true parallel: matrix: + - + << : *pipeline_config_corstone320 + APP: [keyword-detection, speech-recognition, object-detection] + INFERENCE: [ETHOS] + AUDIO: [ROM] + TOOLCHAIN: [ARMCLANG] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] - << : *pipeline_config_corstone315 APP: [keyword-detection, speech-recognition, object-detection] @@ -341,6 +387,11 @@ integration-tests: --timeout-seconds 14400 parallel: matrix: + - + << : [*pipeline_config_corstone320, *pipeline_config_toolchain] + APP: [freertos-iot-libraries-tests] + CONN_STACK: [FREERTOS_PLUS_TCP, IOT_VSOCKET] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] - << : [*pipeline_config_corstone315, *pipeline_config_toolchain] APP: [freertos-iot-libraries-tests] @@ -383,6 +434,30 @@ sw-vsi-configs-test: - !reference [.test-applications_base, script] parallel: matrix: + - + << : *pipeline_config_corstone320 + APP: [keyword-detection, speech-recognition] + INFERENCE: [ETHOS] + AUDIO: [VSI] + TOOLCHAIN: [ARMCLANG] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] + - + << : *pipeline_config_corstone320 + APP: [keyword-detection, speech-recognition] + INFERENCE: [SOFTWARE] + AUDIO: [ROM, VSI] + TOOLCHAIN: [ARMCLANG] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] + - + << : *pipeline_config_corstone320 + APP: [object-detection] + INFERENCE: [SOFTWARE] + AUDIO: [ROM] + TOOLCHAIN: [ARMCLANG] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] - << : *pipeline_config_corstone315 APP: [keyword-detection, speech-recognition] @@ -466,6 +541,22 @@ gnu-toolchain-test: - !reference [.test-applications_base, script] parallel: matrix: + - + << : *pipeline_config_corstone320 + APP: [keyword-detection, speech-recognition] + INFERENCE: [ETHOS, SOFTWARE] + AUDIO: [ROM,VSI] + TOOLCHAIN: [GNU] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] + - + << : *pipeline_config_corstone320 + APP: [object-detection] + INFERENCE: [ETHOS, SOFTWARE] + AUDIO: [ROM] + TOOLCHAIN: [GNU] + CONN_STACK: [FREERTOS_PLUS_TCP] + PSA_CRYPTO_IMPLEMENTATION: [TF-M] - << : *pipeline_config_corstone315 APP: [keyword-detection, speech-recognition] @@ -525,6 +616,14 @@ iot-vsocket-psa-crypto-mbedtls-test: - !reference [.test-applications_base, script] parallel: matrix: + - + << : *pipeline_config_corstone320 + APP: [keyword-detection, speech-recognition, object-detection] + INFERENCE: [ETHOS] + AUDIO: [ROM] + TOOLCHAIN: [GNU, ARMCLANG] + CONN_STACK: [IOT_VSOCKET] + PSA_CRYPTO_IMPLEMENTATION: [MBEDTLS] - << : *pipeline_config_corstone315 APP: [keyword-detection, speech-recognition, object-detection] diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 9ee878a..3281cce 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -124,7 +124,8 @@ "options": [ "-tcorstone300", "-tcorstone310", - "-tcorstone315" + "-tcorstone315", + "-tcorstone320" ], "default": "-tcorstone315" }, diff --git a/applications/blinky/tests/corstone320_pass_output.log b/applications/blinky/tests/corstone320_pass_output.log new file mode 100644 index 0000000..5ac3678 --- /dev/null +++ b/applications/blinky/tests/corstone320_pass_output.log @@ -0,0 +1,8 @@ +Waiting for DM provisioning bundle +Running DM provisioning bundle +Booting TF-M v2.1.0 +psa_framework_version is: 257 +LED on +LED off +LED on +LED off diff --git a/applications/keyword_detection/tests/corstone320_pass_output.log b/applications/keyword_detection/tests/corstone320_pass_output.log new file mode 100644 index 0000000..5f8021b --- /dev/null +++ b/applications/keyword_detection/tests/corstone320_pass_output.log @@ -0,0 +1,14 @@ +Waiting for DM provisioning bundle +Running DM provisioning bundle +Application version from appFirmwareVersion 0.0.10 +Starting bootloader +Booting TF-M v2.1.0 +PSA Framework version is: 257 +Application version from appFirmwareVersion 0.0.20 +ML interface initialised +ML_HEARD_ON +ML UNKNOWN +ML_HEARD_OFF +ML UNKNOWN +ML_HEARD_GO +ML UNKNOWN diff --git a/applications/object_detection/tests/corstone320_pass_output.log b/applications/object_detection/tests/corstone320_pass_output.log new file mode 100644 index 0000000..f4e5370 --- /dev/null +++ b/applications/object_detection/tests/corstone320_pass_output.log @@ -0,0 +1,10 @@ +Waiting for DM provisioning bundle +Running DM provisioning bundle +Application version from appFirmwareVersion 0.0.10 +Starting bootloader +Booting TF-M v2.1.0 +PSA Framework version is: 257 +Application version from appFirmwareVersion 0.0.20 +Complete recognition: Detected faces: 2 +Complete recognition: Detected faces: 2 +Complete recognition: Detected faces: 2 diff --git a/applications/speech_recognition/tests/corstone320_pass_output.log b/applications/speech_recognition/tests/corstone320_pass_output.log new file mode 100644 index 0000000..7ff46e8 --- /dev/null +++ b/applications/speech_recognition/tests/corstone320_pass_output.log @@ -0,0 +1,10 @@ +Waiting for DM provisioning bundle +Running DM provisioning bundle +Application version from appFirmwareVersion 0.0.10 +Starting bootloader +Booting TF-M v2.1.0 +PSA Framework version is: 257 +Application version from appFirmwareVersion 0.0.20 +Init speex +ML interface initialised +Complete recognition: turn down the temperature in the bedroom diff --git a/bsp/CMakeLists.txt b/bsp/CMakeLists.txt index d0873fc..1247864 100644 --- a/bsp/CMakeLists.txt +++ b/bsp/CMakeLists.txt @@ -10,6 +10,10 @@ function(build_ethosu_target_npu_config_values id num_macs) set(ETHOS_U_NPU_CONFIG_ID "Y${num_macs}" CACHE STRING "Specifies the configuration ID for the NPU." FORCE) set(ETHOS_U_NPU_MEMORY_MODE Dedicated_Sram CACHE STRING "Specifies the memory mode used in the Vela command." FORCE) set(ETHOS_U_NPU_CACHE_SIZE "393216" CACHE STRING "Arm Ethos-U65 NPU Cache Size" FORCE) + elseif(id STREQUAL "U85") + set(ETHOS_U_NPU_CONFIG_ID "Z${num_macs}" CACHE STRING "Specifies the configuration ID for the NPU." FORCE) + set(ETHOS_U_NPU_MEMORY_MODE Dedicated_Sram CACHE STRING "Specifies the memory mode used in the Vela command." FORCE) + set(ETHOS_U_NPU_CACHE_SIZE "393216" CACHE STRING "Arm Ethos-U85 NPU Cache Size" FORCE) endif() string(TOLOWER "${id}" id) set(ETHOSU_TARGET_NPU_CONFIG "ethos-${id}-${num_macs}" CACHE STRING "Default NPU configuration" FORCE) @@ -125,9 +129,44 @@ elseif(ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone315") set(ISP_MVE_FP ON CACHE BOOL "MVE FP is used by ISP driver" FORCE) + add_subdirectory(isp_mali-c55) +elseif(ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone320") + set(TFM_PLATFORM_LOCAL_PATH "arm/mps4/corstone320" CACHE STRING "TFM Platform local path") + set(TFM_FLASH_S_PARTITION_SIZE "0x40000") + set(TFM_FLASH_NS_PARTITION_SIZE "0x340000") + + set(BL1_IMAGE_LOAD_ADDRESS 0x11000000 CACHE STRING "Bootload stage 1 image loading address") + set(BL2_IMAGE_LOAD_ADDRESS 0x12031400 CACHE STRING "Bootload image loading address") + set(S_IMAGE_LOAD_ADDRESS 0x38000000 CACHE STRING "Secure TF-M firmware loading address") + set(NS_IMAGE_LOAD_ADDRESS 0x28040000 CACHE STRING "Non-secure user application loading address") + set(S_CM_PROVISIONING_BUNDLE_LOAD_ADDRESS 0x12024000 CACHE STRING "Secure CM provisioning bundle loading address") + set(S_DM_PROVISIONING_BUNDLE_LOAD_ADDRESS 0x1202aa00 CACHE STRING "Secure DM provisioning bundle loading address") + set(NS_PROVISIONING_BUNDLE_LOAD_ADDRESS 0x213FF000 CACHE STRING "Non-Secure provisioning bundle loading address") + set(NS_DDR4_IMAGE_LOAD_ADDRESS 0x60000000 CACHE STRING "Non-Secure Double Data Rate RAM image loading address") + + set(ETHOS_U_BASE_ADDR "0x40004000" CACHE STRING "Ethos-U NPU base address" FORCE) + set(ETHOS_U_IRQN "16" CACHE STRING "Ethos-U NPU Interrupt" FORCE) + set(ETHOS_U_SEC_ENABLED "0" CACHE STRING "Ethos-U NPU Security enable" FORCE) + set(ETHOS_U_PRIV_ENABLED "0" CACHE STRING "Ethos-U NPU Privilege enable" FORCE) + set(ETHOS_U_NPU_ID "U85" CACHE STRING "Arm Ethos-U NPU IP U85") + set(DEFAULT_ML_MAC_U85 "256") + set(VALID_ETHOSU_TARGET_NPU_CONFIGS + "ethos-u85-128" + "ethos-u85-256" + "ethos-u85-512" + "ethos-u85-1024" + "ethos-u85-2048" + ) + + list(APPEND TFM_CMAKE_APP_ARGS + -DTFM_BL1_LOGGING=ON + ) + + set(ISP_MVE_FP ON CACHE BOOL "MVE FP is used by ISP driver" FORCE) + add_subdirectory(isp_mali-c55) else() - message(FATAL_ERROR "Invalid ARM_CORSTONE_BSP_TARGET_PLATFORM (${ARM_CORSTONE_BSP_TARGET_PLATFORM}) set. Supported are corstone300/corstone310") + message(FATAL_ERROR "Invalid ARM_CORSTONE_BSP_TARGET_PLATFORM (${ARM_CORSTONE_BSP_TARGET_PLATFORM}) set. Supported are corstone300/corstone310/corstone315/corstone320") endif() set(ETHOS_U_NPU_NUM_MACS ${DEFAULT_ML_MAC_${ETHOS_U_NPU_ID}} CACHE STRING "Number of 8x8 MACs performed per cycle by the NPU") @@ -182,6 +221,7 @@ target_include_directories(arm-corstone-platform-bsp $<$:${CMAKE_CURRENT_LIST_DIR}/corstone300/include> $<$:${CMAKE_CURRENT_LIST_DIR}/corstone310/include> $<$:${CMAKE_CURRENT_LIST_DIR}/corstone315/include> + $<$:${CMAKE_CURRENT_LIST_DIR}/corstone320/include> ) # BSP serial library diff --git a/bsp/cmake/SetLinkerOptions.cmake b/bsp/cmake/SetLinkerOptions.cmake index b896d86..1956774 100644 --- a/bsp/cmake/SetLinkerOptions.cmake +++ b/bsp/cmake/SetLinkerOptions.cmake @@ -10,6 +10,7 @@ macro(set_linker_script executable_target) $<$:-T ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone300/an552_ns.ld> $<$:-T ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone310/an555_ns.ld> $<$:-T ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone315/corstone_315_ns.ld> + $<$:-T ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone320/corstone_320_ns.ld> -Wl,--gc-sections,-Map=${executable_target}.map ) else() @@ -18,6 +19,7 @@ macro(set_linker_script executable_target) $<$:--scatter=${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone300/an552_ns.sct> $<$:--scatter=${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone310/an555_ns.sct> $<$:--scatter=${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone315/corstone_315_ns.sct> + $<$:--scatter=${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone320/corstone_320_ns.sct> --map ) endif() diff --git a/bsp/corstone320/corstone_320_ns.ld b/bsp/corstone320/corstone_320_ns.ld new file mode 100644 index 0000000..db101c0 --- /dev/null +++ b/bsp/corstone320/corstone_320_ns.ld @@ -0,0 +1,263 @@ +/* + * Copyright (c) 2009-2024, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * Note: This file is based on Device/ARM/ARMCM55/Source/GCC/gcc_arm.ld from + * the git tag 5.8.0 of the CMSIS_5 repository. + */ + +/* + *-------- <<< Use Configuration Wizard in Context Menu >>> ------------------- + */ + +/*---------------------- Flash Configuration ---------------------------------- + Flash Configuration + Flash Base Address <0x0-0xFFFFFFFF:8> + Flash Size (in Bytes) <0x0-0xFFFFFFFF:8> + + -----------------------------------------------------------------------------*/ +FLASH_NS_PARTITION_SIZE = 0x340000; +FLASH_S_PARTITION_SIZE = 0x40000; +ROM_START = 0x28000000; +BL2_HEADER_SIZE = 0x400; +BL2_TRAILER_SIZE = 0xC00; +ISRAM0_BASE_ADDRESS = 0x21000000; +ISRAM1_OFFSET = 0x00200000; +ISRAM1_SIZE = 0x00200000; + +__ROM_BASE = (ROM_START + FLASH_S_PARTITION_SIZE + BL2_HEADER_SIZE); +__ROM_SIZE = (FLASH_NS_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE); + +/*--------------------- Embedded RAM Configuration ---------------------------- + RAM Configuration + RAM Base Address <0x0-0xFFFFFFFF:8> + RAM Size (in Bytes) <0x0-0xFFFFFFFF:8> + + -----------------------------------------------------------------------------*/ +PROVISIONING_SIZE = 0x1000; +__RAM_BASE = (ISRAM0_BASE_ADDRESS + ISRAM1_OFFSET); +__RAM_SIZE = (ISRAM1_SIZE - PROVISIONING_SIZE); + +/*--------------------- Stack / Heap Configuration ---------------------------- + Stack / Heap Configuration + Stack Size (in Bytes) <0x0-0xFFFFFFFF:8> + Heap Size (in Bytes) <0x0-0xFFFFFFFF:8> + + -----------------------------------------------------------------------------*/ +__STACK_SIZE = 0x00002000; +__HEAP_SIZE = 0x000C0000; + +/* + *-------------------- <<< end of configuration section >>> ------------------- + */ + +MEMORY +{ + FLASH (rx) : ORIGIN = __ROM_BASE, LENGTH = __ROM_SIZE + RAM (rwx) : ORIGIN = __RAM_BASE, LENGTH = __RAM_SIZE + DDR (rwx) : ORIGIN = 0x60000000, LENGTH = 0x10000000 + DMA (rwx) : ORIGIN = 0x80000000, LENGTH = 0x02000000 +} + +/* Linker script to place sections and symbol values. + * It references following symbols, which must be defined in code: + * Reset_Handler : Entry of reset handler + * + * It defines following symbols, which code can use without definition: + * __exidx_start + * __exidx_end + * __copy_table_start__ + * __copy_table_end__ + * __zero_table_start__ + * __zero_table_end__ + * __etext + * __data_start__ + * __preinit_array_start + * __preinit_array_end + * __init_array_start + * __init_array_end + * __fini_array_start + * __fini_array_end + * __data_end__ + * __bss_start__ + * __bss_end__ + * __end__ + * end + * __HeapLimit + * __StackLimit + * __StackTop + * __stack + */ +ENTRY(Reset_Handler) + +SECTIONS +{ + .text : + { + _vectors = .; + KEEP(*(.vectors)) + *(.text*) + + . = ALIGN(4); + __copy_table_start__ = .; + LONG (LOADADDR(.data)) + LONG (ADDR(.data)) + LONG (SIZEOF(.data) / 4) + __copy_table_end__ = .; + + /* .zero.table */ + . = ALIGN(4); + __zero_table_start__ = .; + LONG (ADDR(.bss)) + LONG (SIZEOF(.bss) / 4) + __zero_table_end__ = .; + + KEEP(*(.init)) + KEEP(*(.fini)) + + /* .ctors */ + *crtbegin.o(.ctors) + *crtbegin?.o(.ctors) + *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors) + *(SORT(.ctors.*)) + *(.ctors) + + /* .dtors */ + *crtbegin.o(.dtors) + *crtbegin?.o(.dtors) + *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors) + *(SORT(.dtors.*)) + *(.dtors) + + *(.rodata*) + + KEEP(*(.eh_frame*)) + } > FLASH + + .ARM.extab : + { + *(.ARM.extab* .gnu.linkonce.armextab.*) + } > FLASH + + __exidx_start = .; + .ARM.exidx : + { + *(.ARM.exidx* .gnu.linkonce.armexidx.*) + } > FLASH + __exidx_end = .; + + /** + * Location counter can end up 2byte aligned with narrow Thumb code but + * __etext is assumed by startup code to be the LMA of a section in RAM + * which must be 4byte aligned + */ + __etext = ALIGN (4); + + .data : AT (__etext) + { + __data_start__ = .; + *(vtable) + *(.data) + *(.data.*) + + . = ALIGN(4); + /* preinit data */ + PROVIDE_HIDDEN (__preinit_array_start = .); + KEEP(*(.preinit_array)) + PROVIDE_HIDDEN (__preinit_array_end = .); + + . = ALIGN(4); + /* init data */ + PROVIDE_HIDDEN (__init_array_start = .); + KEEP(*(SORT(.init_array.*))) + KEEP(*(.init_array)) + PROVIDE_HIDDEN (__init_array_end = .); + + . = ALIGN(4); + /* finit data */ + PROVIDE_HIDDEN (__fini_array_start = .); + KEEP(*(SORT(.fini_array.*))) + KEEP(*(.fini_array)) + PROVIDE_HIDDEN (__fini_array_end = .); + + KEEP(*(.jcr*)) + . = ALIGN(4); + *(tasks_share) + /* All data end */ + __data_end__ = .; + + } > RAM + + ddr.bin : + { + __ddr_start__ = .; + . = ALIGN(16); + /* nn model's baked in input matrices */ + *(ifm) + . = ALIGN(16); + /* nn model's default space */ + *(nn_model) + . = ALIGN (16); + /* labels */ + *(labels) + . = ALIGN (16); + *(.bss.NoInit.activation_buf_sram) + *(activation_buf_dram) + . = ALIGN (4); + /* Buffer for transferring VSI audio data from S to NS */ + *(.bss.NoInit.vsi_audio_buffer) + . = ALIGN (16); + *(.bss.NoInit.ethos_u_cache) + __ddr_end__ = .; + } > DDR + + .bss : + { + . = ALIGN(4); + __bss_start__ = .; + *(.bss) + *(.bss.*) + *(COMMON) + . = ALIGN(4); + __bss_end__ = .; + } > RAM AT > RAM + + .heap (COPY) : + { + . = ALIGN(8); + __end__ = .; + PROVIDE(end = .); + . = . + __HEAP_SIZE; + . = ALIGN(8); + __HeapLimit = .; + } > RAM + PROVIDE(__RAM_segment_used_end__ = __HeapLimit); + + .stack (ORIGIN(RAM) + LENGTH(RAM) - __STACK_SIZE) (COPY) : + { + . = ALIGN(8); + __StackLimit = .; + . = . + __STACK_SIZE; + . = ALIGN(8); + __StackTop = .; + } > RAM + PROVIDE(__stack = __StackTop); + + /* Check if data + heap + stack exceeds RAM limit */ + ASSERT(__StackLimit >= __HeapLimit, "region RAM overflowed with stack") +} diff --git a/bsp/corstone320/corstone_320_ns.sct b/bsp/corstone320/corstone_320_ns.sct new file mode 100644 index 0000000..8588152 --- /dev/null +++ b/bsp/corstone320/corstone_320_ns.sct @@ -0,0 +1,85 @@ +#! armclang --target=arm-arm-none-eabi -march=armv8.1-m.main+mve.fp+fp.dp -E -x c +/* + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#define FLASH_NS_PARTITION_SIZE 0x340000 +#define FLASH_S_PARTITION_SIZE 0x40000 +#define ROM_START 0x28000000 +#define BL2_HEADER_SIZE 0x400 +#define BL2_TRAILER_SIZE 0xC00 +#define ISRAM0_BASE_ADDRESS 0x21000000 +#define ISRAM1_OFFSET 0x00200000 +#define ISRAM1_SIZE 0x00200000 +#define PROVISIONING_SIZE 0x1000 +#define STACK_SIZE 0x00002000 +#define HEAP_SIZE 0x000C0000 + +LOAD_REGION_0 (ROM_START + ((((0) + (FLASH_S_PARTITION_SIZE)) + BL2_HEADER_SIZE))) +{ + flash.bin (ROM_START + ((((0) + (FLASH_S_PARTITION_SIZE)) + BL2_HEADER_SIZE))) (((FLASH_NS_PARTITION_SIZE) - BL2_HEADER_SIZE - BL2_TRAILER_SIZE)) { + *.o (RESET +First) + * (+RO) + } + + ; The last 0x1000 bytes are reserved for the provisioning bundle + data.bin (ISRAM0_BASE_ADDRESS + ((ISRAM1_OFFSET))) (ISRAM1_SIZE - PROVISIONING_SIZE) { + * (+ZI +RW) + } + + + ARM_LIB_STACK +0 ALIGN 32 EMPTY (STACK_SIZE) { + } + + ARM_LIB_HEAP +0 ALIGN 8 EMPTY (HEAP_SIZE) { + } +} + +;--------------------------------------------------------- +; Second load region (DDR) +;--------------------------------------------------------- +LOAD_REGION_1 0x60000000 0x10000000 +{ + ;----------------------------------------------------- + ; 32 MiB of DDR space for neural network model, + ; input vectors and labels. If the activation buffer + ; size required by the network is bigger than the + ; SRAM size available, it is accommodated here. + ;----------------------------------------------------- + ddr.bin 0x60000000 NOCOMPRESS ALIGN 16 0x10000000 + { + ; nn model's baked in input matrices + *.o (ifm) + + ; nn model + *.o (nn_model) + + ; labels + *.o (labels) + + ; activation buffers a.k.a tensor arena when + ; memory mode sram only or shared sram + *.o (.bss.NoInit.activation_buf_sram) + + ; activation buffers a.k.a tensor arena when memory mode dedicated sram + *.o (activation_buf_dram) + + ; Buffer for transferring VSI audio data from S to NS + *.o (.bss.NoInit.vsi_audio_buffer) + + ; Cache area (if used) + *.o (.bss.NoInit.ethos_u_cache) + } +} diff --git a/bsp/corstone320/include/FreeRTOSConfig_target.h b/bsp/corstone320/include/FreeRTOSConfig_target.h new file mode 100644 index 0000000..3efa54a --- /dev/null +++ b/bsp/corstone320/include/FreeRTOSConfig_target.h @@ -0,0 +1,31 @@ +/* + * FreeRTOS Kernel V10.4.1 + * Copyright (C) 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2023-2024, Arm Limited and/or its affiliates + * + * SPDX-License-Identifier: MIT + */ + +/* From the "Fast Models Reference Guide" (https://developer.arm.com/documentation/100964/1123/About-the-models), + * "Programmer's View (PV) models of processors and devices work at a level + * where functional behavior is equivalent to what a programmer would see using + * the hardware. + * + * They sacrifice timing accuracy to achieve fast simulation execution speeds: + * you can use the PV models for confirming software functionality, but you + * must not rely on the accuracy of cycle counts, low-level component + * interactions, or other hardware-specific behavior." + * + * As described above, FVPs sacrifice timing accuracy to achieve fast + * simulation execution speeds. Therefore, we need this work around of setting + * `configTICK_RATE_HZ` to set a higher scheduler polling rate. + * For example, setting `configTICK_RATE_HZ` to `150` simulates scheduler polling rate + * of `1000 Hz` or 1 tick per millisecond. + * + * In addition, the macro `pdMS_TO_TICKS` is defined here to match the 1 tick + * per millisecond instead of using the macro defined in + * `FreeRTOS-kernel/include/projdefs.h` + */ +#define configTICK_RATE_HZ ( ( uint32_t ) 150 ) +#define pdMS_TO_TICKS( xTimeInMs ) ( ( TickType_t ) xTimeInMs ) +#define TICKS_TO_pdMS( xTicks ) ( ( uint32_t ) xTicks ) diff --git a/bsp/corstone320/include/RTE_Components.h b/bsp/corstone320/include/RTE_Components.h new file mode 100644 index 0000000..f93881c --- /dev/null +++ b/bsp/corstone320/include/RTE_Components.h @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2019-2024, Arm Limited. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/*-------- <<< Use Configuration Wizard in Context Menu >>> -------------------- */ + +#ifndef __RTE_COMPONENTS_H +#define __RTE_COMPONENTS_H + +/* USART (Universal synchronous - asynchronous receiver transmitter) [Driver_USART0] */ +/* Configuration settings for Driver_USART0 in component ::Drivers:USART */ +#define RTE_USART0 1 + +/* IO (Input- Output) [arm_mps3_io_drv] */ +/* Configuration settings for ARM MPS3 IO SCC in component ::Native Driver:arm_mps3_io_drv */ +#define RTE_MPS3_IO 1 + +/* HDLCD [hdlcd_drv] */ +/* Configuration settings for ARM MPS3 IO SCC in component ::Native Driver:hdlcd_drv */ +#define RTE_HDLCD 1 + +#endif /* __RTE_COMPONENTS_H */ diff --git a/bsp/corstone320/include/device_cfg.h b/bsp/corstone320/include/device_cfg.h new file mode 100644 index 0000000..552e412 --- /dev/null +++ b/bsp/corstone320/include/device_cfg.h @@ -0,0 +1,276 @@ +/* + * Copyright (c) 2020-2024 Arm Limited. All rights reserved. + * + * Licensed under the Apache License Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing software + * distributed under the License is distributed on an "AS IS" BASIS + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __DEVICE_CFG_H__ +#define __DEVICE_CFG_H__ + +#include "RTE_Components.h" + +/** + * \file device_cfg.h + * \brief Configuration file native driver re-targeting + * + * \details This file can be used to add native driver specific macro + * definitions to select which peripherals are available in the build. + * + * This is a default device configuration file with all peripherals enabled. + */ + +/* Secure only peripheral configuration */ + +/* ARM MPS3 IO SCC */ +#ifdef RTE_MPS3_IO + #define MPS3_IO_NS + #define MPS3_IO_DEV MPS3_IO_DEV_NS +#endif + +/* I2C_SBCon */ +#ifdef RTE_I2C0 + #define I2C0_SBCON_S + #define I2C0_SBCON_DEV I2C0_SBCON_DEV_S +#endif +#ifdef RTE_I2C1 + #define I2C1_SBCON_S + #define I2C1_SBCON_DEV I2C1_SBCON_DEV_S +#endif +#ifdef RTE_I2C2 + #define I2C2_SBCON_S + #define I2C2_SBCON_DEV I2C2_SBCON_DEV_S +#endif + +/* I2S */ +#ifdef RTE_I2S + #define MPS3_I2S_S + #define MPS3_I2S_DEV MPS3_I2S_DEV_S +#endif + +/* ARM UART Controller CMSDK */ +#ifdef RTE_USART0 + #define UART0_CMSDK_NS + #define UART0_CMSDK_DEV UART0_CMSDK_DEV_NS +#endif +#ifdef RTE_USART1 + #define UART1_CMSDK_S + #define UART1_CMSDK_DEV UART1_CMSDK_DEV_S +#endif +#ifdef RTE_USART2 + #define UART2_CMSDK_S + #define UART2_CMSDK_DEV UART2_CMSDK_DEV_S +#endif +#ifdef RTE_USART3 + #define UART3_CMSDK_S + #define UART3_CMSDK_DEV UART3_CMSDK_DEV_S +#endif +#ifdef RTE_USART4 + #define UART4_CMSDK_S + #define UART4_CMSDK_DEV UART4_CMSDK_DEV_S +#endif +#ifdef RTE_USART5 + #define UART5_CMSDK_S + #define UART5_CMSDK_DEV UART5_CMSDK_DEV_S +#endif + +#define DEFAULT_UART_BAUDRATE 115200U + +/* To be used as CODE and DATA sram */ +#ifdef RTE_ISRAM0_MPC + #define MPC_ISRAM0_S + #define MPC_ISRAM0_DEV MPC_ISRAM0_DEV_S +#endif + +#ifdef RTE_ISRAM1_MPC + #define MPC_ISRAM1_S + #define MPC_ISRAM1_DEV MPC_ISRAM0_DEV_S +#endif + +#ifdef RTE_SRAM_MPC + #define MPC_SRAM_S + #define MPC_SRAM_DEV MPC_SRAM_DEV_S +#endif + +#ifdef RTE_QSPI_MPC + #define MPC_QSPI_S + #define MPC_QSPI_DEV MPC_QSPI_DEV_S +#endif + +/** System Counter Armv8-M */ +#ifdef RTE_SYSCOUNTER + #define SYSCOUNTER_CNTRL_ARMV8_M_S + #define SYSCOUNTER_CNTRL_ARMV8_M_DEV SYSCOUNTER_CNTRL_ARMV8_M_DEV_S + + #define SYSCOUNTER_READ_ARMV8_M_S + #define SYSCOUNTER_READ_ARMV8_M_DEV SYSCOUNTER_READ_ARMV8_M_DEV_S + +/** + * Arbitrary scaling values for test purposes + */ + #define SYSCOUNTER_ARMV8_M_DEFAULT_SCALE0_INT 1u + #define SYSCOUNTER_ARMV8_M_DEFAULT_SCALE0_FRACT 0u + #define SYSCOUNTER_ARMV8_M_DEFAULT_SCALE1_INT 1u + #define SYSCOUNTER_ARMV8_M_DEFAULT_SCALE1_FRACT 0u +#endif /* ifdef RTE_SYSCOUNTER */ + +/* System timer */ +#ifdef RTE_TIMEOUT + #define SYSTIMER0_ARMV8_M_S + #define SYSTIMER0_ARMV8_M_DEV SYSTIMER0_ARMV8_M_DEV_S + #define SYSTIMER1_ARMV8_M_S + #define SYSTIMER1_ARMV8_M_DEV SYSTIMER1_ARMV8_M_DEV_S + #define SYSTIMER2_ARMV8_M_S + #define SYSTIMER2_ARMV8_M_DEV SYSTIMER2_ARMV8_M_DEV_S + #define SYSTIMER3_ARMV8_M_S + #define SYSTIMER3_ARMV8_M_DEV SYSTIMER3_ARMV8_M_DEV_S + + #define SYSTIMER0_ARMV8M_DEFAULT_FREQ_HZ ( 32000000ul ) + #define SYSTIMER1_ARMV8M_DEFAULT_FREQ_HZ ( 32000000ul ) + #define SYSTIMER2_ARMV8M_DEFAULT_FREQ_HZ ( 32000000ul ) + #define SYSTIMER3_ARMV8M_DEFAULT_FREQ_HZ ( 32000000ul ) +#endif /* ifdef RTE_TIMEOUT */ + +/* CMSDK GPIO driver structures */ +#ifdef RTE_GPIO + #define GPIO0_CMSDK_S + #define GPIO0_CMSDK_DEV GPIO0_CMSDK_DEV_S + #define GPIO1_CMSDK_S + #define GPIO1_CMSDK_DEV GPIO1_CMSDK_DEV_S + #define GPIO2_CMSDK_S + #define GPIO2_CMSDK_DEV GPIO2_CMSDK_DEV_S + #define GPIO3_CMSDK_S + #define GPIO3_CMSDK_DEV GPIO3_CMSDK_DEV_S +#endif + +/* System Watchdogs */ +#ifdef RTE_WATCHDOG + #define SYSWDOG_ARMV8_M_S + #define SYSWDOG_ARMV8_M_DEV SYSWDOG_ARMV8_M_DEV_S +#endif + +/* ARM MPC SIE 320 driver structures */ +#ifdef RTE_VM0_MPC + #define MPC_VM0_S + #define MPC_VM0_DEV MPC_VM0_DEV_S +#endif +#ifdef RTE_VM1_MPC + #define MPC_VM1_S + #define MPC_VM1_DEV MPC_VM1_DEV_S +#endif +#ifdef RTE_SSRAM2_MPC + #define MPC_SSRAM2_S + #define MPC_SSRAM2_DEV MPC_SSRAM2_DEV_S +#endif +#ifdef RTE_SSRAM3_MPC + #define MPC_SSRAM3_S + #define MPC_SSRAM3_DEV MPC_SSRAM3_DEV_S +#endif + +/* ARM PPC driver structures */ +#ifdef RTE_MAIN0_PPC_CORSTONE320 + #define PPC_CORSTONE320_MAIN0_S + #define PPC_CORSTONE320_MAIN0_DEV PPC_CORSTONE320_MAIN0_DEV_S +#endif +#ifdef RTE_MAIN_EXP0_PPC_CORSTONE320 + #define PPC_CORSTONE320_MAIN_EXP0_S + #define PPC_CORSTONE320_MAIN_EXP0_DEV PPC_CORSTONE320_MAIN_EXP0_DEV_S +#endif +#ifdef RTE_MAIN_EXP1_PPC_CORSTONE320 + #define PPC_CORSTONE320_MAIN_EXP1_S + #define PPC_CORSTONE320_MAIN_EXP1_DEV PPC_CORSTONE320_MAIN_EXP1_DEV_S +#endif +#ifdef RTE_MAIN_EXP2_PPC_CORSTONE320 + #define PPC_CORSTONE320_MAIN_EXP2_S + #define PPC_CORSTONE320_MAIN_EXP2_DEV PPC_CORSTONE320_MAIN_EXP2_DEV_S +#endif +#ifdef RTE_MAIN_EXP3_PPC_CORSTONE320 + #define PPC_CORSTONE320_MAIN_EXP3_S + #define PPC_CORSTONE320_MAIN_EXP3_DEV PPC_CORSTONE320_MAIN_EXP3_DEV_S +#endif +#ifdef RTE_PERIPH0_PPC_CORSTONE320 + #define PPC_CORSTONE320_PERIPH0_S + #define PPC_CORSTONE320_PERIPH0_DEV PPC_CORSTONE320_PERIPH0_DEV_S +#endif +#ifdef RTE_PERIPH1_PPC_CORSTONE320 + #define PPC_CORSTONE320_PERIPH1_S + #define PPC_CORSTONE320_PERIPH1_DEV PPC_CORSTONE320_PERIPH1_DEV_S +#endif +#ifdef RTE_PERIPH_EXP0_PPC_CORSTONE320 + #define PPC_CORSTONE320_PERIPH_EXP0_S + #define PPC_CORSTONE320_PERIPH_EXP0_DEV PPC_CORSTONE320_PERIPH_EXP0_DEV_S +#endif +#ifdef RTE_PERIPH_EXP1_PPC_CORSTONE320 + #define PPC_CORSTONE320_PERIPH_EXP1_S + #define PPC_CORSTONE320_PERIPH_EXP1_DEV PPC_CORSTONE320_PERIPH_EXP1_DEV_S +#endif +#ifdef RTE_PERIPH_EXP2_PPC_CORSTONE320 + #define PPC_CORSTONE320_PERIPH_EXP2_S + #define PPC_CORSTONE320_PERIPH_EXP2_DEV PPC_CORSTONE320_PERIPH_EXP2_DEV_S +#endif +#ifdef RTE_PERIPH_EXP3_PPC_CORSTONE320 + #define PPC_CORSTONE320_PERIPH_EXP3_S + #define PPC_CORSTONE320_PERIPH_EXP3_DEV PPC_CORSTONE320_PERIPH_EXP3_DEV_S +#endif + +/* DMA350 */ +#ifdef RTE_DMA350 + #define DMA350_DMA0_S + #define DMA350_DMA0_DEV DMA350_DMA0_DEV_S + + #define DMA350_CH0_S + #define DMA350_DMA0_CH0_S + #define DMA350_CH1_S + #define DMA350_DMA0_CH1_S +#endif + +/* Key Management Unit */ +#ifdef RTE_KMU + #define KMU_S + #define KMU_DEV KMU_DEV_S +#endif + +/* Lifecycle Manager */ +#ifdef RTE_LCM + #define LCM_S + #define LCM_DEV LCM_DEV_S +#endif + +/* Security Alarm Manager */ +#ifdef RTE_SAM + #define SAM_S + #define SAM_DEV SAM_DEV_S +#endif + +/* HDLCD Video */ +#ifdef RTE_HDLCD + #define HDLCD_NS + #define HDLCD_DEV HDLCD_DEV_NS +#endif + +/* ARM SPI PL022 */ +/* Invalid device stubs are not defined */ +#define DEFAULT_SPI_SPEED_HZ 4000000U /* 4MHz */ +#ifdef RTE_SPI0 + #define SPI0_PL022_S + #define SPI0_PL022_DEV SPI0_PL022_DEV_S +#endif +#ifdef RTE_SPI1 + #define SPI1_PL022_S + #define SPI1_PL022_DEV SPI1_PL022_DEV_S +#endif +#ifdef RTE_SPI2 + #define SPI2_PL022_S + #define SPI2_PL022_DEV SPI2_PL022_DEV_S +#endif + +#endif /* __DEVICE_CFG_H__ */ diff --git a/bsp/corstone320/include/provisioning_config_target.h b/bsp/corstone320/include/provisioning_config_target.h new file mode 100644 index 0000000..931ddd5 --- /dev/null +++ b/bsp/corstone320/include/provisioning_config_target.h @@ -0,0 +1,11 @@ +/* Copyright 2023-2024, Arm Limited and/or its affiliates + * + * SPDX-License-Identifier: MIT + */ + +#ifndef _PROVISIONING_CONFIG_TARGET_H_ +#define _PROVISIONING_CONFIG_TARGET_H_ + +#define PROVISIONING_DATA_START ( 0x213FF000 ) + +#endif /* _PROVISIONING_CONFIG_TARGET_H_ */ diff --git a/bsp/patches/0001-bsp-Add-CMSIS-Driver-implementation-for-VSI.patch b/bsp/patches/0001-bsp-Add-CMSIS-Driver-implementation-for-VSI.patch index 6fe0099..78fc982 100644 --- a/bsp/patches/0001-bsp-Add-CMSIS-Driver-implementation-for-VSI.patch +++ b/bsp/patches/0001-bsp-Add-CMSIS-Driver-implementation-for-VSI.patch @@ -8,7 +8,7 @@ Content-Transfer-Encoding: 8bit VSI CMSIS-Driver is added as it's needed in the FRI to be used by the ML applications. Hence, added -for corstone300 and corstone310 and corstone315 targets. +for corstone300, corstone310, corstone315 and corstone320 targets. Signed-off-by: Ahmed Ismail Signed-off-by: Dávid Házi @@ -22,6 +22,9 @@ Signed-off-by: Dávid Házi corstone315/CMSIS_Driver/Driver_SAI.c | 340 ++++++++++++++++++++++++++ corstone315/CMSIS_Driver/arm_vsi.h | 117 +++++++++ corstone315/CMakeLists.txt | 1 + + corstone320/CMSIS_Driver/Driver_SAI.c | 340 ++++++++++++++++++++++++++ + corstone320/CMSIS_Driver/arm_vsi.h | 117 +++++++++ + corstone320/CMakeLists.txt | 1 + 9 files changed, 1374 insertions(+) create mode 100644 corstone300/CMSIS_Driver/Driver_SAI.c create mode 100644 corstone300/CMSIS_Driver/arm_vsi.h @@ -29,6 +32,8 @@ Signed-off-by: Dávid Házi create mode 100644 corstone310/CMSIS_Driver/arm_vsi.h create mode 100644 corstone315/CMSIS_Driver/Driver_SAI.c create mode 100644 corstone315/CMSIS_Driver/arm_vsi.h + create mode 100644 corstone320/CMSIS_Driver/Driver_SAI.c + create mode 100644 corstone320/CMSIS_Driver/arm_vsi.h diff --git a/corstone300/CMSIS_Driver/Driver_SAI.c b/corstone300/CMSIS_Driver/Driver_SAI.c new file mode 100644 @@ -1465,6 +1470,487 @@ diff --git a/corstone315/CMakeLists.txt b/corstone315/CMakeLists.txt index 8653539..4cae340 100644 --- a/corstone315/CMakeLists.txt +++ b/corstone315/CMakeLists.txt +@@ -25,6 +25,7 @@ target_sources(arm-corstone-platform-bsp + + ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_Flash.c + ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_I2C.c ++ ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_SAI.c + ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_SPI.c + ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_TGU.c + ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_USART.c +diff --git a/corstone320/CMSIS_Driver/Driver_SAI.c b/corstone320/CMSIS_Driver/Driver_SAI.c +new file mode 100644 +index 0000000..82f2c83 +--- /dev/null ++++ b/corstone320/CMSIS_Driver/Driver_SAI.c +@@ -0,0 +1,340 @@ ++/* Copyright 2023 Arm Limited and/or its affiliates ++ * ++ * SPDX-License-Identifier: Apache-2.0 ++ */ ++ ++#include ++#include "Driver_SAI.h" ++#include "arm_vsi.h" ++#include "device_cfg.h" ++#include CMSIS_device_header ++ ++#define ARM_SAI_DRV_VERSION ARM_DRIVER_VERSION_MAJOR_MINOR( 1, 0 ) /* driver version */ ++ ++/* Audio Peripheral definitions */ ++#define AudioI ARM_VSI0_NS /* Audio Input access struct */ ++#define AudioI_IRQn ARM_VSI0_IRQn /* Audio Input Interrupt number */ ++#define AudioI_Handler ARM_VSI0_Handler /* Audio Input Interrupt handler */ ++ ++/* Audio Peripheral registers */ ++#define CONTROL Regs[ 0 ] /* Control register */ ++#define CHANNELS Regs[ 1 ] /* Channel register */ ++#define SAMPLE_BITS Regs[ 2 ] /* Sample number of bits (8..32) register */ ++#define SAMPLE_RATE Regs[ 3 ] /* Sample rate (samples per second) register */ ++#define BLOCK_SIZE Regs[ 4 ] /* DMA block size register */ ++ ++/* Audio Control register definitions */ ++#define CONTROL_ENABLE_Pos 0U /* CONTROL: ENABLE Position */ ++#define CONTROL_ENABLE_Msk ( 1UL << CONTROL_ENABLE_Pos ) /* CONTROL: ENABLE Mask */ ++ ++/* Audio channel control parameter */ ++#ifndef SAI_NUMBER_OF_CHANNELS ++ #define SAI_NUMBER_OF_CHANNEL 1U ++#endif ++ ++/* Driver Version */ ++static const ARM_DRIVER_VERSION DriverVersion = { ARM_SAI_API_VERSION, ARM_SAI_DRV_VERSION }; ++ ++/* Driver Capabilities */ ++static const ARM_SAI_CAPABILITIES DriverCapabilities = ++{ ++ 1, /* supports asynchronous Transmit/Receive */ ++ 0, /* supports synchronous Transmit/Receive */ ++ 1, /* supports user defined Protocol */ ++ 0, /* supports I2S Protocol */ ++ 0, /* supports MSB/LSB justified Protocol */ ++ 0, /* supports PCM short/long frame Protocol */ ++ 0, /* supports AC'97 Protocol */ ++ 0, /* supports Mono mode */ ++ 0, /* supports Companding */ ++ 0, /* supports MCLK (Master Clock) pin */ ++ 0, /* supports Frame error event: \ref ARM_SAI_EVENT_FRAME_ERROR */ ++ 0 /* reserved (must be zero) */ ++}; ++ ++/* Event Callback */ ++static ARM_SAI_SignalEvent_t CB_Event = NULL; ++ ++/* Driver State */ ++static uint8_t Initialized = 0U; ++ ++/* Driver Current Power State */ ++static ARM_POWER_STATE currentPowerState = ARM_POWER_OFF; ++ ++/* Driver Current Status */ ++static ARM_SAI_STATUS currentDriverStatus; ++ ++/* VSI helper functions prototypes */ ++static void ARM_EnableVSIInterrupts( void ); ++static void ARM_DisableVSIInterrupts( void ); ++ ++/* Audio Input Interrupt Handler */ ++void AudioI_Handler( void ) ++{ ++ AudioI->IRQ.Clear = 0x00000001U; ++ __DSB(); ++ __ISB(); ++ ++ currentDriverStatus.rx_busy = 0U; ++ ++ if( CB_Event != NULL ) ++ { ++ CB_Event( ARM_SAI_EVENT_RECEIVE_COMPLETE ); ++ } ++} ++ ++/* */ ++/* CMSIS Driver APIs */ ++/* */ ++ ++static ARM_DRIVER_VERSION ARM_SAI_GetVersion( void ) ++{ ++ /* Returns version information of the driver implementation in ARM_DRIVER_VERSION */ ++ return DriverVersion; ++} ++ ++static ARM_SAI_CAPABILITIES ARM_SAI_GetCapabilities( void ) ++{ ++ /* Retrieves information about the capabilities in this driver implementation. */ ++ return DriverCapabilities; ++} ++ ++static int32_t ARM_SAI_Initialize( ARM_SAI_SignalEvent_t cb_event ) ++{ ++ CB_Event = cb_event; ++ ++ /* Initialize Audio Input Resources */ ++ AudioI->CONTROL = 0U; ++ AudioI->CHANNELS = 0U; ++ AudioI->SAMPLE_BITS = 0U; ++ AudioI->SAMPLE_RATE = 0U; ++ AudioI->BLOCK_SIZE = 0U; ++ ++ Initialized = 1U; ++ ++ return ARM_DRIVER_OK; ++} ++ ++static int32_t ARM_SAI_Uninitialize( void ) ++{ ++ if( Initialized == 0U ) ++ { ++ return ARM_DRIVER_ERROR; ++ } ++ ++ /* Un-initialize Audio Input Resources */ ++ AudioI->CONTROL = 0U; ++ AudioI->CHANNELS = 0U; ++ AudioI->SAMPLE_BITS = 0U; ++ AudioI->SAMPLE_RATE = 0U; ++ AudioI->BLOCK_SIZE = 0U; ++ ++ Initialized = 0U; ++ ++ return ARM_DRIVER_OK; ++} ++ ++static int32_t ARM_SAI_PowerControl( ARM_POWER_STATE state ) ++{ ++ if( Initialized == 0U ) ++ { ++ return ARM_DRIVER_ERROR; ++ } ++ ++ switch( state ) ++ { ++ case ARM_POWER_OFF: ++ /* Disables related interrupts and DMA, disables peripherals, and terminates any pending data transfers */ ++ ARM_DisableVSIInterrupts(); ++ ++ AudioI->Timer.Control = 0U; ++ AudioI->DMA.Control = 0U; ++ AudioI->IRQ.Clear = 0x00000001U; ++ AudioI->IRQ.Enable = 0x00000000U; ++ currentPowerState = ARM_POWER_OFF; ++ ++ /* Transfers cannot be cancelled, instead we return busy status to pause any pending data transfers */ ++ return ARM_DRIVER_ERROR_BUSY; ++ ++ case ARM_POWER_LOW: ++ currentPowerState = ARM_POWER_LOW; ++ ++ return ARM_DRIVER_ERROR_UNSUPPORTED; ++ ++ case ARM_POWER_FULL: ++ ++ /* Set-up peripheral for data transfers, enable interrupts (NVIC) and DMA */ ++ if( currentPowerState != ARM_POWER_FULL ) ++ { ++ AudioI->DMA.Control = ARM_VSI_DMA_Enable_Msk; ++ AudioI->IRQ.Clear = 0x00000001U; ++ AudioI->IRQ.Enable = 0x00000001U; ++ ++ ARM_EnableVSIInterrupts(); ++ ++ currentPowerState = ARM_POWER_FULL; ++ } ++ ++ break; ++ } ++ ++ return ARM_DRIVER_OK; ++} ++ ++static int32_t ARM_SAI_Receive( void * data, ++ uint32_t num ) ++{ ++ if( Initialized == 0U ) ++ { ++ return ARM_DRIVER_ERROR; ++ } ++ ++ /* During the receive operation it is not allowed to call the function again */ ++ if( currentDriverStatus.rx_busy == 1U ) ++ { ++ return ARM_DRIVER_ERROR_BUSY; ++ } ++ ++ currentDriverStatus.rx_busy = 1U; ++ ++ if( num > 0 ) ++ { ++ /* The driver shoud configures DMA or the interrupt system for continuous reception */ ++ AudioI->DMA.Control = 0U; ++ AudioI->DMA.Address = ( uint32_t ) data; ++ AudioI->DMA.BlockNum = num; ++ AudioI->DMA.BlockSize = AudioI->BLOCK_SIZE; ++ uint32_t sample_rate = AudioI->SAMPLE_RATE; ++ uint32_t sample_size = ( AudioI->CHANNELS * ( ( AudioI->SAMPLE_BITS + 7U ) ) / 8U ); ++ ++ if( ( sample_size == 0U ) || ( sample_rate == 0U ) ) ++ { ++ AudioI->Timer.Interval = 0xFFFFFFFFU; ++ } ++ else ++ { ++ AudioI->Timer.Interval = ( 1000000U * ( AudioI->DMA.BlockSize / sample_size ) ) / sample_rate; ++ } ++ ++ AudioI->DMA.Control = ARM_VSI_DMA_Direction_P2M | ARM_VSI_DMA_Enable_Msk; ++ AudioI->CONTROL = CONTROL_ENABLE_Msk; ++ AudioI->Timer.Control = ARM_VSI_Timer_Trig_DMA_Msk | ARM_VSI_Timer_Trig_IRQ_Msk | ARM_VSI_Timer_Periodic_Msk ++ | ARM_VSI_Timer_Run_Msk; ++ } ++ else ++ { ++ CB_Event( ARM_SAI_EVENT_RECEIVE_COMPLETE ); ++ } ++ ++ /* The receive function is non-blocking and returns as soon as the driver has started the operation */ ++ return ARM_DRIVER_OK; ++} ++ ++static uint32_t ARM_SAI_GetRxCount( void ) ++{ ++ if( Initialized == 0U ) ++ { ++ return ARM_DRIVER_ERROR; ++ } ++ ++ /* Returns the number of the currently received data items during an ARM_SAI_Receive operation. */ ++ return( AudioI->Timer.Count ); ++} ++ ++static int32_t ARM_SAI_Control( uint32_t control, ++ uint32_t arg1, ++ uint32_t arg2 ) ++{ ++ if( Initialized == 0U ) ++ { ++ return ARM_DRIVER_ERROR; ++ } ++ ++ /* Enable or disable receiver; arg1 : 0=disable (default); 1=enable */ ++ if( ( control & ARM_SAI_CONTROL_Msk ) == ARM_SAI_CONTROL_RX ) ++ { ++ AudioI->CONTROL = arg1; ++ } ++ ++ /* Configure transmitter. arg1 and arg2 provide additional configuration options, ++ * arg1: DMA Block size ++ * arg2: Sampling rate ++ */ ++ if( ( control & ARM_SAI_CONTROL_Msk ) == ARM_SAI_CONFIGURE_RX ) ++ { ++ AudioI->CONTROL |= control; ++ ++ /* Note: The current implemented protocol is the user defined protocol which serves the Virtual Streaming Interface (VSI) */ ++ if( ( control & ARM_SAI_PROTOCOL_Msk ) == ARM_SAI_PROTOCOL_USER ) ++ { ++ AudioI->CHANNELS = SAI_NUMBER_OF_CHANNEL; ++ AudioI->SAMPLE_BITS = ( ( control & ARM_SAI_DATA_SIZE_Msk ) >> ARM_SAI_DATA_SIZE_Pos ) + 1U; ++ /* The DMA block size and the sampling rates are to be sent as function arguments */ ++ AudioI->BLOCK_SIZE = arg1; ++ AudioI->SAMPLE_RATE = arg2; ++ } ++ else ++ { ++ /* For other protocols to be implemented */ ++ } ++ } ++ ++ return ARM_DRIVER_OK; ++} ++ ++static ARM_SAI_STATUS ARM_SAI_GetStatus( void ) ++{ ++ ARM_SAI_STATUS driverStatus; ++ ++ /* rx_busy flag can be copied from the static driver status structure */ ++ driverStatus.rx_busy = currentDriverStatus.rx_busy; ++ ++ /* If the receiver is enabled and data is to be received but the receive operation has not been started yet, ++ * then the rx_overflow flag should be set. */ ++ if( ( AudioI->CONTROL & CONTROL_ENABLE_Msk ) ) ++ { ++ if( driverStatus.rx_busy ) ++ { ++ driverStatus.rx_overflow = 0U; ++ } ++ else ++ { ++ driverStatus.rx_overflow = 1U; ++ } ++ } ++ else ++ { ++ driverStatus.rx_overflow = 0U; ++ } ++ ++ return driverStatus; ++} ++/* End SAI Interface */ ++ ++/* VSI helper functions definitions */ ++static void ARM_EnableVSIInterrupts( void ) ++{ ++ NVIC_SetPriority( ARM_VSI0_IRQn, 6 ); ++ NVIC_EnableIRQ( ARM_VSI0_IRQn ); ++} ++ ++static void ARM_DisableVSIInterrupts( void ) ++{ ++ NVIC_DisableIRQ( ARM_VSI0_IRQn ); ++} ++ ++extern ARM_DRIVER_SAI Driver_SAI0; ++ARM_DRIVER_SAI Driver_SAI0 = ++{ ++ ARM_SAI_GetVersion, ++ ARM_SAI_GetCapabilities, ++ ARM_SAI_Initialize, ++ ARM_SAI_Uninitialize, ++ ARM_SAI_PowerControl, ++ NULL, ++ ARM_SAI_Receive, ++ NULL, ++ ARM_SAI_GetRxCount, ++ ARM_SAI_Control, ++ ARM_SAI_GetStatus ++}; +diff --git a/corstone320/CMSIS_Driver/arm_vsi.h b/corstone320/CMSIS_Driver/arm_vsi.h +new file mode 100644 +index 0000000..a5c121c +--- /dev/null ++++ b/corstone320/CMSIS_Driver/arm_vsi.h +@@ -0,0 +1,117 @@ ++/* Copyright 2021-2023 Arm Limited and/or its affiliates ++ * ++ * SPDX-License-Identifier: Apache-2.0 ++ */ ++ ++/* ++ * Virtual Streaming Interface (VSI) ++ */ ++ ++#ifndef __ARM_VSI_H ++ #define __ARM_VSI_H ++ ++ #ifdef __cplusplus ++ extern "C" { ++ #endif ++ ++ #ifndef __IM ++ #define __IM volatile const /*! Defines 'read only' structure member permissions */ ++ #endif ++ #ifndef __OM ++ #define __OM volatile /*! Defines 'write only' structure member permissions */ ++ #endif ++ #ifndef __IOM ++ #define __IOM volatile /*! Defines 'read/write' structure member permissions */ ++ #endif ++ ++ #include ++ ++/** ++ * \brief Structure type to access the virtual streaming interface. ++ */ ++ typedef struct ++ { ++ struct ++ { ++ __IOM uint32_t Enable; /*!< Offset: 0x0000 (R/W) IRQ Enable */ ++ __OM uint32_t Set; /*!< Offset: 0x0004 (-/W) IRQ Set */ ++ __OM uint32_t Clear; /*!< Offset: 0x0008 (-/W) IRQ Clear */ ++ __IM uint32_t Status; /*!< Offset: 0x000C (R/-) IRQ Status */ ++ } IRQ; /*!< Interrupt Request (IRQ) */ ++ uint32_t reserved1[ 60 ]; ++ struct ++ { ++ __IOM uint32_t Control; /*!< Offset: 0x0100 (R/W) Timer Control */ ++ __IOM uint32_t Interval; /*!< Offset: 0x0104 (R/W) Timer Interval Value (in microseconds) */ ++ __IM uint32_t Count; /*!< Offset: 0x0108 (R/-) Timer Overflow Count */ ++ } Timer; /*!< Time counter with 1MHz input frequency */ ++ uint32_t reserved2[ 61 ]; ++ struct ++ { ++ __IOM uint32_t Control; /*!< Offset: 0x0200 (R/W) DMA Control */ ++ __IOM uint32_t Address; /*!< Offset: 0x0204 (R/W) DMA Memory Start Address */ ++ __IOM uint32_t BlockSize; /*!< Offset: 0x0208 (R/W) DMA Block Size (in bytes, multiple of 4) */ ++ __IOM uint32_t BlockNum; /*!< Offset: 0x020C (R/W) DMA Number of Blocks (must be 2^n) */ ++ __IM uint32_t BlockIndex; /*!< Offset: 0x0210 (R/-) DMA Block Index */ ++ } DMA; /*!< Direct Memory Access (DMA) Controller */ ++ uint32_t reserved3[ 59 ]; ++ __IOM uint32_t Regs[ 64 ]; /*!< Offset: 0x0300 (R/W) User Registers */ ++ } ARM_VSI_Type; ++ ++/* VSI Timer Control Definitions for Timer.Control register */ ++ #define ARM_VSI_Timer_Run_Pos 0U /*!< Timer Control: Run Position */ ++ #define ARM_VSI_Timer_Run_Msk ( 1UL << ARM_VSI_Timer_Run_Pos ) /*!< Timer Control: Run Mask */ ++ #define ARM_VSI_Timer_Periodic_Pos 1U /*!< Timer Control: Periodic Position */ ++ #define ARM_VSI_Timer_Periodic_Msk ( 1UL << ARM_VSI_Timer_Periodic_Pos ) /*!< Timer Control: Periodic Mask */ ++ #define ARM_VSI_Timer_Trig_IRQ_Pos 2U /*!< Timer Control: Trig_IRQ Position */ ++ #define ARM_VSI_Timer_Trig_IRQ_Msk ( 1UL << ARM_VSI_Timer_Trig_IRQ_Pos ) /*!< Timer Control: Trig_IRQ Mask */ ++ #define ARM_VSI_Timer_Trig_DMA_Pos 3U /*!< Timer Control: Trig_DAM Position */ ++ #define ARM_VSI_Timer_Trig_DMA_Msk ( 1UL << ARM_VSI_Timer_Trig_DMA_Pos ) /*!< Timer Control: Trig_DMA Mask */ ++ ++/* VSI DMA Control Definitions for DMA.Control register */ ++ #define ARM_VSI_DMA_Enable_Pos 0U /*!< DMA Control: Enable Position */ ++ #define ARM_VSI_DMA_Enable_Msk ( 1UL << ARM_VSI_DMA_Enable_Pos ) /*!< DMA Control: Enable Mask */ ++ #define ARM_VSI_DMA_Direction_Pos 1U /*!< DMA Control: Direction Position */ ++ #define ARM_VSI_DMA_Direction_Msk ( 1UL << ARM_VSI_DMA_Direction_Pos ) /*!< DMA Control: Direction Mask */ ++ #define ARM_VSI_DMA_Direction_P2M ( 0UL * ARM_VSI_DMA_Direction_Msk ) /*!< DMA Control: Direction P2M */ ++ #define ARM_VSI_DMA_Direction_M2P ( 1UL * ARM_VSI_DMA_Direction_Msk ) /*!< DMA Control: Direction M2P */ ++ ++/* Memory mapping of 8 VSI peripherals */ ++ #define ARM_VSI0_BASE ( 0x5FF00000UL ) /*!< VSI 0 Base Address */ ++ #define ARM_VSI1_BASE ( 0x5FF10000UL ) /*!< VSI 1 Base Address */ ++ #define ARM_VSI2_BASE ( 0x5FF20000UL ) /*!< VSI 2 Base Address */ ++ #define ARM_VSI3_BASE ( 0x5FF30000UL ) /*!< VSI 3 Base Address */ ++ #define ARM_VSI4_BASE ( 0x5FF40000UL ) /*!< VSI 4 Base Address */ ++ #define ARM_VSI5_BASE ( 0x5FF50000UL ) /*!< VSI 5 Base Address */ ++ #define ARM_VSI6_BASE ( 0x5FF60000UL ) /*!< VSI 6 Base Address */ ++ #define ARM_VSI7_BASE ( 0x5FF70000UL ) /*!< VSI 7 Base Address */ ++ #define ARM_VSI0_BASE_NS ( 0x4FF00000UL ) /*!< VSI 0 Base Address (non-secure address space) */ ++ #define ARM_VSI1_BASE_NS ( 0x4FF10000UL ) /*!< VSI 1 Base Address (non-secure address space) */ ++ #define ARM_VSI2_BASE_NS ( 0x4FF20000UL ) /*!< VSI 2 Base Address (non-secure address space) */ ++ #define ARM_VSI3_BASE_NS ( 0x4FF30000UL ) /*!< VSI 3 Base Address (non-secure address space) */ ++ #define ARM_VSI4_BASE_NS ( 0x4FF40000UL ) /*!< VSI 4 Base Address (non-secure address space) */ ++ #define ARM_VSI5_BASE_NS ( 0x4FF50000UL ) /*!< VSI 5 Base Address (non-secure address space) */ ++ #define ARM_VSI6_BASE_NS ( 0x4FF60000UL ) /*!< VSI 6 Base Address (non-secure address space) */ ++ #define ARM_VSI7_BASE_NS ( 0x4FF70000UL ) /*!< VSI 7 Base Address (non-secure address space) */ ++ #define ARM_VSI0 ( ( ARM_VSI_Type * ) ARM_VSI0_BASE ) /*!< VSI 0 struct */ ++ #define ARM_VSI1 ( ( ARM_VSI_Type * ) ARM_VSI1_BASE ) /*!< VSI 1 struct */ ++ #define ARM_VSI2 ( ( ARM_VSI_Type * ) ARM_VSI2_BASE ) /*!< VSI 2 struct */ ++ #define ARM_VSI3 ( ( ARM_VSI_Type * ) ARM_VSI3_BASE ) /*!< VSI 3 struct */ ++ #define ARM_VSI4 ( ( ARM_VSI_Type * ) ARM_VSI4_BASE ) /*!< VSI 4 struct */ ++ #define ARM_VSI5 ( ( ARM_VSI_Type * ) ARM_VSI5_BASE ) /*!< VSI 5 struct */ ++ #define ARM_VSI6 ( ( ARM_VSI_Type * ) ARM_VSI6_BASE ) /*!< VSI 6 struct */ ++ #define ARM_VSI7 ( ( ARM_VSI_Type * ) ARM_VSI7_BASE ) /*!< VSI 7 struct */ ++ #define ARM_VSI0_NS ( ( ARM_VSI_Type * ) ARM_VSI0_BASE_NS ) /*!< VSI 0 struct (non-secure address space) */ ++ #define ARM_VSI1_NS ( ( ARM_VSI_Type * ) ARM_VSI1_BASE_NS ) /*!< VSI 1 struct (non-secure address space) */ ++ #define ARM_VSI2_NS ( ( ARM_VSI_Type * ) ARM_VSI2_BASE_NS ) /*!< VSI 2 struct (non-secure address space) */ ++ #define ARM_VSI3_NS ( ( ARM_VSI_Type * ) ARM_VSI3_BASE_NS ) /*!< VSI 3 struct (non-secure address space) */ ++ #define ARM_VSI4_NS ( ( ARM_VSI_Type * ) ARM_VSI4_BASE_NS ) /*!< VSI 4 struct (non-secure address space) */ ++ #define ARM_VSI5_NS ( ( ARM_VSI_Type * ) ARM_VSI5_BASE_NS ) /*!< VSI 5 struct (non-secure address space) */ ++ #define ARM_VSI6_NS ( ( ARM_VSI_Type * ) ARM_VSI6_BASE_NS ) /*!< VSI 6 struct (non-secure address space) */ ++ #define ARM_VSI7_NS ( ( ARM_VSI_Type * ) ARM_VSI7_BASE_NS ) /*!< VSI 7 struct (non-secure address space) */ ++ ++ #ifdef __cplusplus ++ } ++ #endif ++ ++#endif /* __ARM_VSI_H */ +diff --git a/corstone320/CMakeLists.txt b/corstone320/CMakeLists.txt +index 8653539..4cae340 100644 +--- a/corstone320/CMakeLists.txt ++++ b/corstone320/CMakeLists.txt @@ -25,6 +25,7 @@ target_sources(arm-corstone-platform-bsp ${CMAKE_CURRENT_LIST_DIR}/CMSIS_Driver/Driver_Flash.c diff --git a/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake b/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake index c8c0ca1..487139d 100644 --- a/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake +++ b/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake @@ -43,7 +43,7 @@ if(NOT EXISTS "${RESOURCES_OUTFILE}") execute_process( COMMAND ${CMAKE_COMMAND} - -E env CC=gcc + -E env CC=gcc CXX=g++ ${PYTHON} ${ml_embedded_evaluation_kit_SOURCE_DIR}/set_up_default_resources.py ${ML_RESOURCES_SET_UP_ARGS} RESULT_VARIABLE return_code @@ -55,6 +55,13 @@ endif() # Setup virtualenv (done by setup_source_generator()) set(CMAKE_SCRIPTS_DIR ${ml_embedded_evaluation_kit_SOURCE_DIR}/scripts/cmake) +set(MLEK_SCRIPTS_DIR ${ml_embedded_evaluation_kit_SOURCE_DIR}/scripts) + +list(APPEND CMAKE_MODULE_PATH + "${MLEK_SCRIPTS_DIR}/cmake" + "${MLEK_SCRIPTS_DIR}/cmake/configuration_options" + "${MLEK_SCRIPTS_DIR}/cmake/timing_adapter") + include(${CMAKE_SCRIPTS_DIR}/source_gen_utils.cmake) set(MLEK_SCRIPTS_DIR ${ml_embedded_evaluation_kit_SOURCE_DIR}/scripts) setup_source_generator() diff --git a/components/connectivity/freertos_plus_tcp/CMakeLists.txt b/components/connectivity/freertos_plus_tcp/CMakeLists.txt index 342f8ae..2d7d698 100644 --- a/components/connectivity/freertos_plus_tcp/CMakeLists.txt +++ b/components/connectivity/freertos_plus_tcp/CMakeLists.txt @@ -13,7 +13,7 @@ else () if (${ARM_CORSTONE_BSP_TARGET_PLATFORM} STREQUAL "corstone300" OR ${ARM_CORSTONE_BSP_TARGET_PLATFORM} STREQUAL "corstone310") set(FREERTOS_PLUS_TCP_NETWORK_IF "MPS3_AN552" CACHE STRING "FreeRTOS Plus TCP Network Interface selection") - elseif (${ARM_CORSTONE_BSP_TARGET_PLATFORM} STREQUAL "corstone315") + elseif (${ARM_CORSTONE_BSP_TARGET_PLATFORM} STREQUAL "corstone315" OR ${ARM_CORSTONE_BSP_TARGET_PLATFORM} STREQUAL "corstone320") set(FREERTOS_PLUS_TCP_NETWORK_IF "MPS4_CS315" CACHE STRING "FreeRTOS Plus TCP Network Interface selection") endif() @@ -21,6 +21,5 @@ else () add_subdirectory(library/source) add_subdirectory(library/tools) - endif() add_subdirectory(integration) diff --git a/components/freertos_kernel/CMakeLists.txt b/components/freertos_kernel/CMakeLists.txt index 20011e2..1474e2d 100644 --- a/components/freertos_kernel/CMakeLists.txt +++ b/components/freertos_kernel/CMakeLists.txt @@ -15,7 +15,9 @@ else() if(ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone300") set(FREERTOS_PORT GCC_ARM_CM55_TFM) - elseif(ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone310" OR ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone315") + elseif(ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone310" OR + ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone315" OR + ARM_CORSTONE_BSP_TARGET_PLATFORM STREQUAL "corstone320") set(FREERTOS_PORT GCC_ARM_CM85_TFM) endif() @@ -26,6 +28,7 @@ else() $<$:${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone300/include> $<$:${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone310/include> $<$:${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone315/include> + $<$:${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/corstone320/include> ) add_subdirectory(library) endif() diff --git a/release_changes/202408061547.change b/release_changes/202408061547.change new file mode 100644 index 0000000..be375e2 --- /dev/null +++ b/release_changes/202408061547.change @@ -0,0 +1 @@ +bsp: Add Corstone-320 diff --git a/tools/scripts/build.sh b/tools/scripts/build.sh index 615aa47..bd47209 100755 --- a/tools/scripts/build.sh +++ b/tools/scripts/build.sh @@ -12,7 +12,7 @@ ROOT="$(realpath $HERE/../..)" EXAMPLE="" CLEAN=0 BUILD_PATH="$(realpath $ROOT/build)" -TARGET="corstone315" +TARGET="corstone320" TARGET_PROCESSOR="" ML_INFERENCE_ENGINE="ETHOS" ETHOS_U_NPU_ID="" @@ -87,10 +87,10 @@ Options: -h,--help Show this help -p,--path Path to the build directory -c,--clean Clean build - -t,--target Build target (corstone300 | corstone310 | corstone315) + -t,--target Build target (corstone300 | corstone310 | corstone315 | corstone320) -i,--inference ML Inference engine selection (ETHOS | SOFTWARE) -s,--audio Audio source (ROM | VSI) - -n | --npu-id Ethos NPU model identifier (U55 | U65) + -n | --npu-id Ethos NPU model identifier (U55 | U65 | U85) --npu-mac Number of 8x8 MACs performed per cycle by the NPU (32 | 64 | 128 | 256 | 512) -T,--toolchain Compiler (GNU or ARMCLANG) -C,--certificate_path Path to the AWS device certificate @@ -219,10 +219,10 @@ case "$ML_INFERENCE_ENGINE" in esac case "$ETHOS_U_NPU_ID" in - U55 | U65 | "" ) + U55 | U65 | U85 | "" ) ;; *) - echo "Invalid NPU type " + echo "Invalid NPU type " show_usage exit 2 ;; @@ -254,11 +254,11 @@ case "$TARGET" in corstone300 ) TARGET_PROCESSOR="cortex-m55" ;; - corstone310 | corstone315 ) + corstone310 | corstone315 | corstone320 ) TARGET_PROCESSOR="cortex-m85" ;; *) - echo "Invalid target " + echo "Invalid target " show_usage exit 2 ;; @@ -314,8 +314,8 @@ if [ "$EXAMPLE" != "blinky" ] && [ ! -f "$PRIVATE_KEY_PATH" ]; then exit 2 fi -if [ "$EXAMPLE" == "object-detection" ] && [ "$TARGET" != "corstone315" ]; then - echo "Error: Invalid combination of example and target. object-detection only supports corstone315" >&2 +if [ "$EXAMPLE" == "object-detection" ] && [ "$TARGET" != "corstone315" ] && [ "$TARGET" != "corstone320" ]; then + echo "Error: Invalid combination of example and target. object-detection only supports corstone315 and corstone320" >&2 exit 2 fi diff --git a/tools/scripts/run.sh b/tools/scripts/run.sh index a2e42bf..b5562f2 100755 --- a/tools/scripts/run.sh +++ b/tools/scripts/run.sh @@ -8,10 +8,10 @@ HERE="$(dirname "$0")" ROOT="$(realpath $HERE/../..)" EXAMPLE="" BUILD_PATH="$(realpath $ROOT/build)" -TARGET="corstone315" +TARGET="corstone320" AUDIO_SOURCE="ROM" NPU_ID="" -FVP_BIN="FVP_Corstone_SSE-315" +FVP_BIN="FVP_Corstone_SSE-320" FRAMES="" OPTIONS="" DISPLAY=true @@ -123,8 +123,11 @@ case "$TARGET" in corstone315 ) FVP_BIN="FVP_Corstone_SSE-315" ;; + corstone320 ) + FVP_BIN="FVP_Corstone_SSE-320" + ;; *) - echo "Invalid target " + echo "Invalid target " show_usage exit 2 ;; @@ -200,7 +203,7 @@ case "$TARGET" in --stat \ -C mps3_board.DISABLE_GATING=1" ;; - corstone315 ) + corstone315 | corstone320 ) OPTIONS="$OPTIONS $DISPLAY_OPTIONS \ -C mps4_board.visualisation.disable-visualisation=1 \ -C core_clk.mul=200000000 \ @@ -217,8 +220,8 @@ case "$TARGET" in ;; esac -if [ "$EXAMPLE" == "object-detection" ] && [ "$TARGET" != "corstone315" ]; then - echo "Error: Invalid combination of example and target. object-detection only supports corstone315" >&2 +if [ "$EXAMPLE" == "object-detection" ] && [ "$TARGET" != "corstone315" ] && [ "$TARGET" != "corstone320" ]; then + echo "Error: Invalid combination of example and target. object-detection only supports corstone315 and corstone320" >&2 exit 2 fi diff --git a/tools/tests/conftest.py b/tools/tests/conftest.py index eaeaaa1..966f600 100644 --- a/tools/tests/conftest.py +++ b/tools/tests/conftest.py @@ -134,7 +134,7 @@ def fvp_process( # When the test is terminated, the FVP subprocess is closed. # Note: It can take few seconds to terminate the FVP - if "SSE-315" in fvp_path: + if "SSE-315" in fvp_path or "SSE-320" in fvp_path: cmdline = [ fvp_path, "-a", From bc40eac523fa2d771c4f2244548cb29098c4f501 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Tue, 6 Aug 2024 16:23:22 +0200 Subject: [PATCH 05/12] component: Update MLEK MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- .../keyword_detection/ml_interface.cc | 1 - applications/object_detection/ml_interface.cc | 1 - .../speech_recognition/ml_interface.cc | 1 - .../ml_embedded_evaluation_kit/CMakeLists.txt | 6 ++ ...etupMlEmbeddedEvaluationKitLibraries.cmake | 6 +- .../model/GenerateObjectDetectionModel.cmake | 2 +- ...User-defined-resources-download-path.patch | 75 +++++++++---------- ...RCH-configurable-in-TensorFlow-CMake.patch | 33 ++++++++ .../patches/0004-Patch-tensorflow.patch | 31 ++++++++ .../ai/ml_embedded_evaluation_kit/library | 2 +- manifest.yml | 2 +- 11 files changed, 113 insertions(+), 47 deletions(-) create mode 100644 components/ai/ml_embedded_evaluation_kit/integration/patches/0003-Make-ETHOSU_ARCH-configurable-in-TensorFlow-CMake.patch create mode 100644 components/ai/ml_embedded_evaluation_kit/integration/patches/0004-Patch-tensorflow.patch diff --git a/applications/keyword_detection/ml_interface.cc b/applications/keyword_detection/ml_interface.cc index c775edf..1bd83d0 100644 --- a/applications/keyword_detection/ml_interface.cc +++ b/applications/keyword_detection/ml_interface.cc @@ -1053,7 +1053,6 @@ static int prvMlInterfaceInit() caseContext.Set &>( "labels", labels ); - PrintTensorFlowVersion(); LogInfo( ( "*** ML interface initialised\r\n" ) ); return 0; } diff --git a/applications/object_detection/ml_interface.cc b/applications/object_detection/ml_interface.cc index 7ba4698..0d4fe50 100644 --- a/applications/object_detection/ml_interface.cc +++ b/applications/object_detection/ml_interface.cc @@ -487,7 +487,6 @@ static int prvMlInterfaceInit( void ) /* Instantiate application context. */ xCaseContext.Set( "model", xModel ); - PrintTensorFlowVersion(); LogInfo( ( "*** ML interface initialised\r\n" ) ); return 0; } diff --git a/applications/speech_recognition/ml_interface.cc b/applications/speech_recognition/ml_interface.cc index 4cacd63..978f024 100644 --- a/applications/speech_recognition/ml_interface.cc +++ b/applications/speech_recognition/ml_interface.cc @@ -579,7 +579,6 @@ static int prvMlInterfaceInit( void ) caseContext.Set &>( "labels", labels ); caseContext.Set( "classifier", classifier ); - PrintTensorFlowVersion(); LogInfo( ( "*** ML interface initialised\r\n" ) ); return 0; } diff --git a/components/ai/ml_embedded_evaluation_kit/CMakeLists.txt b/components/ai/ml_embedded_evaluation_kit/CMakeLists.txt index 46d1a11..92c43c7 100644 --- a/components/ai/ml_embedded_evaluation_kit/CMakeLists.txt +++ b/components/ai/ml_embedded_evaluation_kit/CMakeLists.txt @@ -14,5 +14,11 @@ set(PATCH_FILES_DIRECTORY "${CMAKE_CURRENT_LIST_DIR}/integration/patches") set(PATCH_FILES "${PATCH_FILES_DIRECTORY}/0001-User-defined-resources-download-path.patch" "${PATCH_FILES_DIRECTORY}/0002-Use-CMSIS_device_header-instead-of-RTE_Components.h.patch" + "${PATCH_FILES_DIRECTORY}/0003-Make-ETHOSU_ARCH-configurable-in-TensorFlow-CMake.patch" ) iot_reference_arm_corstone3xx_apply_patches("${ml_embedded_evaluation_kit_SOURCE_DIR}" "${PATCH_FILES}") + +set(PATCH_FILES + "${PATCH_FILES_DIRECTORY}/0004-Patch-tensorflow.patch" +) +iot_reference_arm_corstone3xx_apply_patches("${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/tensorflow/" "${PATCH_FILES}") diff --git a/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake b/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake index 487139d..34287dd 100644 --- a/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake +++ b/components/ai/ml_embedded_evaluation_kit/integration/cmake/SetupMlEmbeddedEvaluationKitLibraries.cmake @@ -9,11 +9,13 @@ include(ExternalProject) ########################### #set(LOG_LEVEL LOG_LEVEL_TRACE) +set(CMSIS_VER 5) + # External repositories -set(CMSIS_SRC_PATH "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/cmsis") +set(CMSIS_SRC_PATH "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/cmsis-${CMSIS_VER}") set(CMSIS_DSP_SRC_PATH "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/cmsis-dsp") set(CMSIS_DSP_INC_DIR "${CMSIS_DSP_SRC_PATH}/Include") -set(CMSIS_CORE_INC_DIR "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/CMSIS/Core/Include") +set(CMSIS_CORE_INC_DIR "${CMSIS_SRC_PATH}/CMSIS/Core/Include") set(CMSIS_NN_SRC_PATH "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/cmsis-nn") set(TENSORFLOW_SRC_PATH "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/tensorflow") set(ETHOS_U_NPU_DRIVER_SRC_PATH "${ml_embedded_evaluation_kit_SOURCE_DIR}/dependencies/core-driver") diff --git a/components/ai/ml_embedded_evaluation_kit/integration/cmake/model/GenerateObjectDetectionModel.cmake b/components/ai/ml_embedded_evaluation_kit/integration/cmake/model/GenerateObjectDetectionModel.cmake index b278de4..0d44dd8 100644 --- a/components/ai/ml_embedded_evaluation_kit/integration/cmake/model/GenerateObjectDetectionModel.cmake +++ b/components/ai/ml_embedded_evaluation_kit/integration/cmake/model/GenerateObjectDetectionModel.cmake @@ -20,7 +20,7 @@ set(OBJECT_DETECTION_IMAGE_SIZE 192) set(OBJECT_DETECTION_ANCHOR_1 "{38, 77, 47, 97, 61, 126}") set(OBJECT_DETECTION_ANCHOR_2 "{14, 26, 19, 37, 28, 55 }") set(OBJECT_DETECTION_ORIGINAL_IMAGE_SIZE ${OBJECT_DETECTION_IMAGE_SIZE}) -set(OBJECT_DETECTION_ACTIVATION_BUF_SZ 0x00082000) +set(OBJECT_DETECTION_ACTIVATION_BUF_SZ 0x00182000) if (ETHOS_U_NPU_ENABLED) set(DEFAULT_MODEL_PATH ${DEFAULT_MODEL_DIR}/yolo-fastest_192_face_v4_vela_${ETHOS_U_NPU_CONFIG_ID}.tflite) diff --git a/components/ai/ml_embedded_evaluation_kit/integration/patches/0001-User-defined-resources-download-path.patch b/components/ai/ml_embedded_evaluation_kit/integration/patches/0001-User-defined-resources-download-path.patch index 2bbecf2..62c1390 100644 --- a/components/ai/ml_embedded_evaluation_kit/integration/patches/0001-User-defined-resources-download-path.patch +++ b/components/ai/ml_embedded_evaluation_kit/integration/patches/0001-User-defined-resources-download-path.patch @@ -14,92 +14,89 @@ Signed-off-by: Ahmed Ismail 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/set_up_default_resources.py b/set_up_default_resources.py -index bf3aba3..efc8621 100755 +index 2ce972a..85c02ea 100755 --- a/set_up_default_resources.py +++ b/set_up_default_resources.py -@@ -121,6 +121,7 @@ class SetupArgs: +@@ -157,12 +157,14 @@ class PathsConfig: installed. - use_case_resources_file (str) : Path to a JSON file containing the use case + use_case_resources_file (Path) : Path to a JSON file containing the use case metadata resources. + downloaded_model_resources_path (str): Path to store model resources files. + + downloads_dir (Path) : Path to store model resources files. """ - run_vela_on_models: bool = False - additional_npu_config_names: typing.List[str] = () -@@ -129,6 +130,7 @@ class SetupArgs: - check_clean_folder: bool = False additional_requirements_file: Path = "" use_case_resources_file: Path = "" + downloads_dir: Path = "" + downloaded_model_resources_path: Path = "" def load_use_case_resources( -@@ -646,8 +648,7 @@ def set_up_resources(args: SetupArgs) -> Path: +@@ -678,7 +680,7 @@ def set_up_resources(setup_config: SetupConfig, paths_config: PathsConfig) -> Pa """ # Paths. - current_file_dir = Path(__file__).parent.resolve() -- download_dir = current_file_dir / "resources_downloaded" -- metadata_file_path = download_dir / "resources_downloaded_metadata.json" -+ metadata_file_path = args.downloaded_model_resources_path / "resources_downloaded_metadata.json" + check_paths_config(paths_config) +- metadata_file_path = paths_config.downloads_dir / "resources_downloaded_metadata.json" ++ metadata_file_path = paths_config.downloaded_model_resources_path / "resources_downloaded_metadata.json" # Is Python minimum requirement matched? if sys.version_info < py3_version_minimum: -@@ -664,14 +665,14 @@ def set_up_resources(args: SetupArgs) -> Path: +@@ -695,14 +697,14 @@ def set_up_resources(setup_config: SetupConfig, paths_config: PathsConfig) -> Pa setup_script_hash = get_md5sum_for_file(Path(__file__).resolve()) metadata_dict, setup_script_hash_verified = initialize_resources_directory( -- download_dir, -+ args.downloaded_model_resources_path, - args.check_clean_folder, +- paths_config.downloads_dir, ++ paths_config.downloaded_model_resources_path, + setup_config.check_clean_folder, metadata_file_path, setup_script_hash ) env_path, env_activate = set_up_python_venv( -- download_dir, -+ args.downloaded_model_resources_path, - args.additional_requirements_file +- paths_config.downloads_dir, ++ paths_config.downloaded_model_resources_path, + paths_config.additional_requirements_file ) -@@ -681,7 +682,7 @@ def set_up_resources(args: SetupArgs) -> Path: +@@ -712,7 +714,7 @@ def set_up_resources(setup_config: SetupConfig, paths_config: PathsConfig) -> Pa download_resources( use_case, metadata_dict, -- download_dir, -+ args.downloaded_model_resources_path, - args.check_clean_folder, +- paths_config.downloads_dir, ++ paths_config.downloaded_model_resources_path, + setup_config.check_clean_folder, setup_script_hash_verified ) -@@ -698,7 +699,7 @@ def set_up_resources(args: SetupArgs) -> Path: +@@ -728,7 +730,7 @@ def set_up_resources(setup_config: SetupConfig, paths_config: PathsConfig) -> Pa + if setup_config.run_vela_on_models is True: # Consolidate all config names while discarding duplicates: run_vela_on_all_models( - current_file_dir, -- download_dir, -+ args.downloaded_model_resources_path, +- paths_config.downloads_dir, ++ paths_config.downloaded_model_resources_path, env_activate, - args.arena_cache_size, + setup_config.arena_cache_size, npu_config_names=list( -@@ -763,7 +764,12 @@ if __name__ == "__main__": - type=str, - default=default_use_case_resources_path +@@ -799,6 +801,12 @@ if __name__ == "__main__": + type=Path, + default=default_downloads_path ) -- + parser.add_argument( -+ "--downloaded-model-resources-path", ++ "--downloaded-model-resources-path", + help="Path to downloaded model resources", + type=Path, + default=Path(__file__).parent.resolve() / 'resources_downloaded' + ) + parsed_args = parser.parse_args() - if parsed_args.arena_cache_size < 0: -@@ -783,6 +789,7 @@ if __name__ == "__main__": - check_clean_folder=parsed_args.clean, - additional_requirements_file=parsed_args.requirements_file, +@@ -823,6 +831,7 @@ if __name__ == "__main__": use_case_resources_file=parsed_args.use_case_resources_file, -+ downloaded_model_resources_path= parsed_args.downloaded_model_resources_path, + downloads_dir=parsed_args.downloads_dir, + additional_requirements_file=parsed_args.requirements_file, ++ downloaded_model_resources_path=parsed_args.downloaded_model_resources_path, ) - set_up_resources(setup_args) + set_up_resources(setup, paths) -- 2.34.1 diff --git a/components/ai/ml_embedded_evaluation_kit/integration/patches/0003-Make-ETHOSU_ARCH-configurable-in-TensorFlow-CMake.patch b/components/ai/ml_embedded_evaluation_kit/integration/patches/0003-Make-ETHOSU_ARCH-configurable-in-TensorFlow-CMake.patch new file mode 100644 index 0000000..e321956 --- /dev/null +++ b/components/ai/ml_embedded_evaluation_kit/integration/patches/0003-Make-ETHOSU_ARCH-configurable-in-TensorFlow-CMake.patch @@ -0,0 +1,33 @@ +From c5c0bdff764cde7db2c97761a5eff15f55a09dbb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= +Date: Thu, 8 Aug 2024 17:47:54 +0200 +Subject: [PATCH] Make ETHOSU_ARCH configurable in TensorFlow CMake +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Gergely Korcsák +--- + scripts/cmake/tensorflow_lite_micro.cmake | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/scripts/cmake/tensorflow_lite_micro.cmake b/scripts/cmake/tensorflow_lite_micro.cmake +index 4a988aa..1640626 100644 +--- a/scripts/cmake/tensorflow_lite_micro.cmake ++++ b/scripts/cmake/tensorflow_lite_micro.cmake +@@ -75,11 +75,7 @@ else() + if(ETHOS_U_NPU_ENABLED) + # Arm Ethos-U55 NPU is the co-processor for ML workload: + set(TENSORFLOW_LITE_MICRO_CO_PROCESSOR "ethos_u") +- if(${ETHOS_U_NPU_ID} STREQUAL "U65") +- set(TENSORFLOW_LITE_MICRO_CO_PROCESSOR_ARCH "u65") +- else() +- set(TENSORFLOW_LITE_MICRO_CO_PROCESSOR_ARCH "u55") +- endif () ++ string(TOLOWER "${ETHOS_U_NPU_ID}" TENSORFLOW_LITE_MICRO_CO_PROCESSOR_ARCH) + endif() + + set(TENSORFLOW_LITE_MICRO_OPTIMIZED_KERNEL "cmsis_nn") +-- +2.34.1 + diff --git a/components/ai/ml_embedded_evaluation_kit/integration/patches/0004-Patch-tensorflow.patch b/components/ai/ml_embedded_evaluation_kit/integration/patches/0004-Patch-tensorflow.patch new file mode 100644 index 0000000..162b15d --- /dev/null +++ b/components/ai/ml_embedded_evaluation_kit/integration/patches/0004-Patch-tensorflow.patch @@ -0,0 +1,31 @@ +From 2352b60b03042fc9ea2d9cf9ce861d8e87341e32 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= +Date: Mon, 12 Aug 2024 15:43:48 +0200 +Subject: [PATCH] Patch tensorflow +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Gergely Korcsák +--- + tensorflow/lite/micro/tools/make/ext_libs/ethos_u.inc | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/tensorflow/lite/micro/tools/make/ext_libs/ethos_u.inc b/tensorflow/lite/micro/tools/make/ext_libs/ethos_u.inc +index c61aaff3..81066237 100644 +--- a/tensorflow/lite/micro/tools/make/ext_libs/ethos_u.inc ++++ b/tensorflow/lite/micro/tools/make/ext_libs/ethos_u.inc +@@ -64,6 +64,10 @@ else ifeq ($(ETHOSU_ARCH), u65) + ETHOSU_FLAGS += \ + -DETHOSU_ARCH=u65 \ + -DETHOSU65 ++else ifeq ($(ETHOSU_ARCH), u85) ++ ETHOSU_FLAGS += \ ++ -DETHOSU_ARCH=u85 \ ++ -DETHOSU85 + else + $(error "ETHOSU_ARCH=$(ETHOSU_ARCH) is not supported") + endif +-- +2.34.1 + diff --git a/components/ai/ml_embedded_evaluation_kit/library b/components/ai/ml_embedded_evaluation_kit/library index 325c916..ddb3ffd 160000 --- a/components/ai/ml_embedded_evaluation_kit/library +++ b/components/ai/ml_embedded_evaluation_kit/library @@ -1 +1 @@ -Subproject commit 325c916af5e379600b12b69622bcc7e0d65c941d +Subproject commit ddb3ffdbcfc6f66dc3906e84158f235824536b4a diff --git a/manifest.yml b/manifest.yml index e7b8776..cd37419 100644 --- a/manifest.yml +++ b/manifest.yml @@ -187,7 +187,7 @@ dependencies: license: "Apache-2.0" tpip-category: "category-2" security-risk: "low" - version: "24.05" + version: "ddb3ffdbcfc6f66dc3906e84158f235824536b4a" repository: type: "git" url: "https://review.mlplatform.org/ml/ethos-u/ml-embedded-evaluation-kit.git" From 563301574ca479c4faacb219f3668360029c0d89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Wed, 14 Aug 2024 15:52:30 +0200 Subject: [PATCH 06/12] component: Update TF-M to main, with Corstone-320 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- .../security/trusted_firmware-m/integration/CMakeLists.txt | 2 +- .../trusted_firmware-m/integration/cmake/MergeTfmImages.cmake | 2 +- components/security/trusted_firmware-m/library | 2 +- manifest.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/security/trusted_firmware-m/integration/CMakeLists.txt b/components/security/trusted_firmware-m/integration/CMakeLists.txt index 9ba1461..4b46a51 100644 --- a/components/security/trusted_firmware-m/integration/CMakeLists.txt +++ b/components/security/trusted_firmware-m/integration/CMakeLists.txt @@ -43,7 +43,7 @@ if(APPLICATION_PATH MATCHES ".*blinky") # the exported library `psa_crypto_config` is not used by the non-secure side and these definitions are missing. target_compile_definitions(tfm-ns-interface-mbedtls-config INTERFACE - MBEDTLS_CONFIG_FILE="${trusted_firmware-m_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default_client.h" + MBEDTLS_CONFIG_FILE="${trusted_firmware-m_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_client.h" MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${trusted_firmware-m_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_default.h" ) else() diff --git a/components/security/trusted_firmware-m/integration/cmake/MergeTfmImages.cmake b/components/security/trusted_firmware-m/integration/cmake/MergeTfmImages.cmake index 4c00a17..72fd0c6 100644 --- a/components/security/trusted_firmware-m/integration/cmake/MergeTfmImages.cmake +++ b/components/security/trusted_firmware-m/integration/cmake/MergeTfmImages.cmake @@ -44,7 +44,7 @@ function(iot_reference_arm_corstone3xx_tf_m_merge_images target) $/${target}_signed.bin -Binary -offset ${NS_IMAGE_LOAD_ADDRESS} ${ddr_binary_param} ${ns_provisioning_data_param} - ${BINARY_DIR}/api_ns/bin/encrypted_provisioning_bundle.bin -Binary -offset ${S_PROVISIONING_BUNDLE_LOAD_ADDRESS} + ${BINARY_DIR}/api_ns/bin/provisioning_bundle.bin -Binary -offset ${S_PROVISIONING_BUNDLE_LOAD_ADDRESS} -o $/${target}_merged.hex COMMAND ${objcopy} -I ihex -O elf32-little diff --git a/components/security/trusted_firmware-m/library b/components/security/trusted_firmware-m/library index 0c4c99b..c9352b5 160000 --- a/components/security/trusted_firmware-m/library +++ b/components/security/trusted_firmware-m/library @@ -1 +1 @@ -Subproject commit 0c4c99ba33b3e66deea070e149279278dc7647f4 +Subproject commit c9352b59f2a501b5af3f648b3fc91065993c002f diff --git a/manifest.yml b/manifest.yml index cd37419..3ce781d 100644 --- a/manifest.yml +++ b/manifest.yml @@ -25,7 +25,7 @@ dependencies: license: "BSD-3-Clause" tpip-category: "category-2" security-risk: "high" - version: "TF-Mv2.1.0" + version: "c9352b59f2a501b5af3f648b3fc91065993c002f" repository: type: "git" url: "https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git" From 1f9739870136ff31481f768ef26f8cb0090c1643 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Thu, 22 Aug 2024 10:34:35 +0200 Subject: [PATCH 07/12] provisioning: Add ECDSA provisioning capability MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Provides the changeability of the signing method at `application//CmakeLists.txt`, under `AWS_OTA_SIGNATURE_TYPE`. Provides support for EC_P256, EC_P384, RSA_2048 and RSA_3072. Separates the signing algorithm/keys used for TF-M and the NS side. Signed-off-by: Gergely Korcsák --- .gitlab-ci.yml | 5 + .../CMakeLists.txt | 3 + .../freertos_iot_libraries_tests/main.c | 2 +- .../helpers/provisioning/CMakeLists.txt | 14 ++- .../provisioning/dev_mode_key_provisioning.c | 115 +++++++++++------- applications/keyword_detection/CMakeLists.txt | 10 +- applications/keyword_detection/main.c | 2 +- applications/object_detection/CMakeLists.txt | 10 +- applications/object_detection/main.c | 2 +- .../speech_recognition/CMakeLists.txt | 10 +- applications/speech_recognition/main.c | 2 +- bsp/CMakeLists.txt | 1 - components/aws_iot/cmake/AWSIoTHelpers.cmake | 37 ++++++ .../GenerateAWSUpdateDigestAndSignature.cmake | 16 +-- .../integration/CMakeLists.txt | 12 +- .../integration/cmake/BuildTfm.cmake | 8 +- .../aws_iot/aws_iot_cloud_connection.md | 2 +- tools/ci/license/license.schema | 2 +- tools/scripts/generate_credentials.py | 24 +++- tools/tests/aws_test_util.py | 14 ++- tools/tests/conftest.py | 6 + tools/tests/test_applications.py | 8 +- tools/tests/test_integration.py | 9 +- 23 files changed, 221 insertions(+), 93 deletions(-) create mode 100644 components/aws_iot/cmake/AWSIoTHelpers.cmake diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 66c4ecd..c5295d8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -76,6 +76,7 @@ workflow: build/${APP}_merged.elf \ build/${APP}-update_signed.bin \ build/update-signature.txt \ + build/CMakeCache.txt \ applications/${APP_UNDERSCORED}/configs/aws_configs fi @@ -252,6 +253,7 @@ test-blinky-output: tar xf ${TARGET}_${APP}_${TOOLCHAIN}_${INFERENCE}_${AUDIO}_${CONN_STACK}_${PSA_CRYPTO_IMPLEMENTATION}_build.tar.gz fi - export APP_UNDERSCORED=$(echo ${APP} | tr '-' '_') + - export SIGNING_ALGO=$(cat build/CMakeCache.txt | grep AWS_OTA_SIGNATURE_TYPE | sed s/.*=// | sed s/-.*//) - | if [[ $AUDIO == "VSI" ]]; then pytest -s tools/tests/test_applications.py \ @@ -261,6 +263,7 @@ test-blinky-output: --credentials-path "applications/${APP_UNDERSCORED}/configs/aws_configs" \ --merged-elf-name "${APP}_merged.elf" \ --signed-update-bin-name "${APP}-update_signed.bin" \ + --signing-algo ${SIGNING_ALGO} \ --timeout-seconds 2700 \ --pass-output-file "applications/${APP_UNDERSCORED}/tests/${TARGET}_pass_output.log" \ --fail-output-file "applications/${APP_UNDERSCORED}/tests/fail_output.log" \ @@ -273,6 +276,7 @@ test-blinky-output: --credentials-path "applications/${APP_UNDERSCORED}/configs/aws_configs" \ --merged-elf-name "${APP}_merged.elf" \ --signed-update-bin-name "${APP}-update_signed.bin" \ + --signing-algo ${SIGNING_ALGO} \ --timeout-seconds 1800 \ --pass-output-file "applications/${APP_UNDERSCORED}/tests/${TARGET}_pass_output.log" \ --fail-output-file "applications/${APP_UNDERSCORED}/tests/fail_output.log" @@ -283,6 +287,7 @@ test-blinky-output: --credentials-path "applications/${APP_UNDERSCORED}/configs/aws_configs" \ --merged-elf-name "${APP}_merged.elf" \ --signed-update-bin-name "${APP}-update_signed.bin" \ + --signing-algo ${SIGNING_ALGO} \ --timeout-seconds 2700 \ --pass-output-file "applications/${APP_UNDERSCORED}/tests/${TARGET}_pass_output.log" \ --fail-output-file "applications/${APP_UNDERSCORED}/tests/fail_output.log" diff --git a/applications/freertos_iot_libraries_tests/CMakeLists.txt b/applications/freertos_iot_libraries_tests/CMakeLists.txt index 0b4f3d2..168a43e 100644 --- a/applications/freertos_iot_libraries_tests/CMakeLists.txt +++ b/applications/freertos_iot_libraries_tests/CMakeLists.txt @@ -4,6 +4,8 @@ cmake_minimum_required(VERSION 3.21.0 FATAL_ERROR) +set(AWS_OTA_SIGNATURE_TYPE "RSA-3072" CACHE STRING "Supported algorithms for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]") + # From: ota-for-aws-iot-embedded-sdk/source/include/ota_appversion32.h # struct version # { @@ -51,6 +53,7 @@ list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/bsp/cm list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/components/aws_iot/cmake) list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/components/security/trusted_firmware-m/integration/cmake) include(SetLinkerOptions) +include(AWSIoTHelpers) include(GenerateAWSUpdateDigestAndSignature) include(MergeTfmImages) include(SignTfmImage) diff --git a/applications/freertos_iot_libraries_tests/main.c b/applications/freertos_iot_libraries_tests/main.c index 0fee107..8838d8e 100644 --- a/applications/freertos_iot_libraries_tests/main.c +++ b/applications/freertos_iot_libraries_tests/main.c @@ -173,7 +173,7 @@ int main( void ) LogInfo( ( "Device key provisioning succeeded \n" ) ); - psa_status_t uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, 3072 ); + psa_status_t uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, AWS_OTA_SIGNATURE_KEY_LEN ); if( uxStatus != PSA_SUCCESS ) { diff --git a/applications/helpers/provisioning/CMakeLists.txt b/applications/helpers/provisioning/CMakeLists.txt index 203ec7a..313857f 100644 --- a/applications/helpers/provisioning/CMakeLists.txt +++ b/applications/helpers/provisioning/CMakeLists.txt @@ -23,8 +23,6 @@ else() fri-bsp ) - ExternalProject_Get_Property(trusted_firmware-m-build BINARY_DIR) - if(FREERTOS_LIBRARIES_INTEGRATION_TESTS EQUAL 1) set( CODE_SIGNING_PUBLIC_KEY_PEM_PATH @@ -33,13 +31,14 @@ else() else() set( CODE_SIGNING_PUBLIC_KEY_PEM_PATH - ${BINARY_DIR}/api_ns/image_signing/keys/image_ns_signing_public_key.pem + ${AWS_OTA_SIGNATURE_PUBLIC_KEY_PATH} ) endif() add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/aws_clientcredential_keys.h DEPENDS ${AWS_CLIENT_PRIVATE_KEY_PEM_PATH} DEPENDS ${AWS_CLIENT_CERTIFICATE_PEM_PATH} + DEPENDS aws_ota_signing_keys COMMAND ${Python3_EXECUTABLE} ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/tools/scripts/generate_credentials_header.py ${CMAKE_CURRENT_BINARY_DIR} @@ -89,4 +88,13 @@ else() freertos_kernel mbedtls ) + + target_compile_definitions(provisioning-lib + PUBLIC + $<$:AWS_OTA_SIGN_RSA> + $<$:AWS_OTA_SIGN_ECDSA> + $<$:AWS_OTA_ECDSA_HEADER_SIZE=26> + + AWS_OTA_SIGNATURE_KEY_LEN=${AWS_OTA_SIG_LEN} + ) endif() # BUILD_TESTING AND NOT CMAKE_CROSS_COMPILING diff --git a/applications/helpers/provisioning/dev_mode_key_provisioning.c b/applications/helpers/provisioning/dev_mode_key_provisioning.c index a256ee1..32d26cd 100644 --- a/applications/helpers/provisioning/dev_mode_key_provisioning.c +++ b/applications/helpers/provisioning/dev_mode_key_provisioning.c @@ -1382,10 +1382,17 @@ int xOtaProvisionCodeSigningKey( psa_key_handle_t * pxKeyHandle, size_t xPubKeyDerLength = DER_FORMAT_BUFFER_LENGTH; size_t xPubKeyPemLength = strlen( ( const char * ) pxProvisioningParamsBundle->codeSigningPublicKey ); int result = 0; + psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_pk_context xMbedPkContext = { 0 }; - mbedtls_pk_init( &xMbedPkContext ); + #ifdef AWS_OTA_SIGN_RSA + mbedtls_pk_context xMbedPkContext = { 0 }; + #elif AWS_OTA_SIGN_ECDSA + uint8_t * pucPubKeyDerFormatBufferEcdsaAligned = pucPubKeyDerFormatBuffer + AWS_OTA_ECDSA_HEADER_SIZE; + size_t xPubKeyDerLengthEcdsaAligned; + #else /* ifdef AWS_OTA_SIGN_RSA */ + #error "Unknown crypto algorithm, supportted algorithms are EC and RSA!" + #endif result = convert_pem_to_der( ( const unsigned char * ) pxProvisioningParamsBundle->codeSigningPublicKey, xPubKeyPemLength, @@ -1394,59 +1401,73 @@ int xOtaProvisionCodeSigningKey( psa_key_handle_t * pxKeyHandle, if( result != 0 ) { - goto exit; + return result; } - /* - * From mbedtls 3.6.0 release note: - * - * Default behavior changes - * psa_import_key() now only accepts RSA keys in the PSA standard formats. - * The undocumented ability to import other formats (PKCS#8, SubjectPublicKey, - * PEM) accepted by the pkparse module has been removed. Applications that - * need these formats can call mbedtls_pk_parse_{public,}key() followed by - * mbedtls_pk_import_into_psa(). - */ - - result = mbedtls_pk_parse_public_key( &xMbedPkContext, - ( const unsigned char * ) pucPubKeyDerFormatBuffer, - xPubKeyDerLength ); - - if( result != 0 ) - { - goto exit; - } - - result = mbedtls_pk_get_psa_attributes( &xMbedPkContext, - PSA_KEY_USAGE_VERIFY_HASH, - &attributes ); - - if( result != 0 ) - { - goto exit; - } - - #ifdef PSA_CRYPTO_IMPLEMENTATION_MBEDTLS - psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); - #endif + #ifdef AWS_OTA_SIGN_RSA + mbedtls_pk_init( &xMbedPkContext ); + + /* + * From mbedtls 3.6.0 release note: + * + * Default behavior changes + * psa_import_key() now only accepts RSA keys in the PSA standard formats. + * The undocumented ability to import other formats (PKCS#8, SubjectPublicKey, + * PEM) accepted by the pkparse module has been removed. Applications that + * need these formats can call mbedtls_pk_parse_{public,}key() followed by + * mbedtls_pk_import_into_psa(). + */ + result = mbedtls_pk_parse_public_key( &xMbedPkContext, + ( const unsigned char * ) pucPubKeyDerFormatBuffer, + xPubKeyDerLength ); + + if( result != 0 ) + { + mbedtls_pk_free( &xMbedPkContext ); + return result; + } - psa_set_key_algorithm( &attributes, PSA_ALG_RSA_PSS_ANY_SALT( PSA_ALG_SHA_256 ) ); - psa_set_key_bits( &attributes, keyBits ); + result = mbedtls_pk_get_psa_attributes( &xMbedPkContext, + PSA_KEY_USAGE_VERIFY_HASH, + &attributes ); - result = mbedtls_pk_import_into_psa( &xMbedPkContext, - &attributes, - pxKeyHandle ); + if( result != 0 ) + { + mbedtls_pk_free( &xMbedPkContext ); + return result; + } - if( result != 0 ) - { + #ifdef PSA_CRYPTO_IMPLEMENTATION_MBEDTLS + psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); + #endif + + psa_set_key_bits( &attributes, keyBits ); + psa_set_key_algorithm( &attributes, PSA_ALG_RSA_PSS_ANY_SALT( PSA_ALG_SHA_256 ) ); + status = mbedtls_pk_import_into_psa( &xMbedPkContext, + &attributes, + pxKeyHandle ); + #elif AWS_OTA_SIGN_ECDSA + xPubKeyDerLengthEcdsaAligned = xPubKeyDerLength - AWS_OTA_ECDSA_HEADER_SIZE; + #ifdef PSA_CRYPTO_IMPLEMENTATION_MBEDTLS + psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); + #endif + psa_set_key_bits( &attributes, keyBits ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); + psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA( PSA_ALG_SHA_256 ) ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ) ); + status = psa_import_key( &attributes, ( const uint8_t * ) pucPubKeyDerFormatBufferEcdsaAligned, + xPubKeyDerLengthEcdsaAligned, pxKeyHandle ); + #endif /* ifdef AWS_OTA_SIGN_RSA */ + + if( status != PSA_SUCCESS ) + { + #ifdef AWS_OTA_SIGN_RSA + mbedtls_pk_free( &xMbedPkContext ); + #endif *pxKeyHandle = NULL; - goto exit; } -exit: - mbedtls_pk_free( &xMbedPkContext ); - - return result; + return status; } UBaseType_t uxIsDeviceProvisioned( void ) diff --git a/applications/keyword_detection/CMakeLists.txt b/applications/keyword_detection/CMakeLists.txt index e278e40..59c8470 100644 --- a/applications/keyword_detection/CMakeLists.txt +++ b/applications/keyword_detection/CMakeLists.txt @@ -4,11 +4,10 @@ cmake_minimum_required(VERSION 3.21.0 FATAL_ERROR) -set(ML_INFERENCE_ENGINE "ETHOS" CACHE STRING "Machine Learning inference engine (ETHOS | SOFTWARE)") - -set(AUDIO_SOURCE "ROM" CACHE STRING "Source of audio data (ROM | VSI)") - -set(APPLICATION_PATH "${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/applications/keyword_detection" CACHE STRING "Path to the application folder") +set(ML_INFERENCE_ENGINE "ETHOS" CACHE STRING "Machine Learning inference engine (ETHOS | SOFTWARE)") +set(AUDIO_SOURCE "ROM" CACHE STRING "Source of audio data (ROM | VSI)") +set(APPLICATION_PATH "${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/applications/keyword_detection" CACHE STRING "Path to the application folder") +set(AWS_OTA_SIGNATURE_TYPE "RSA-3072" CACHE STRING "Supported algorithms for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]") # From: ota-for-aws-iot-embedded-sdk/source/include/ota_appversion32.h # struct version @@ -68,6 +67,7 @@ list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/compon list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/components/security/trusted_firmware-m/integration/cmake) include(SetupMlEmbeddedEvaluationKitLibraries) include(ConvertAudioSourceToCode) +include(AWSIoTHelpers) include(GenerateAWSUpdateDigestAndSignature) include(MergeTfmImages) include(SignTfmImage) diff --git a/applications/keyword_detection/main.c b/applications/keyword_detection/main.c index 267593d..9231355 100644 --- a/applications/keyword_detection/main.c +++ b/applications/keyword_detection/main.c @@ -196,7 +196,7 @@ int main( void ) LogInfo( ( "Device key provisioning succeeded \n" ) ); - psa_status_t uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, 3072 ); + psa_status_t uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, AWS_OTA_SIGNATURE_KEY_LEN ); if( uxStatus != PSA_SUCCESS ) { diff --git a/applications/object_detection/CMakeLists.txt b/applications/object_detection/CMakeLists.txt index ebd677f..57493f0 100644 --- a/applications/object_detection/CMakeLists.txt +++ b/applications/object_detection/CMakeLists.txt @@ -4,11 +4,10 @@ cmake_minimum_required(VERSION 3.21.0 FATAL_ERROR) -set(ML_INFERENCE_ENGINE "ETHOS" CACHE STRING "Machine Learning inference engine (ETHOS)") - -set(AUDIO_SOURCE "ROM" CACHE STRING "Source of audio data (ROM | VSI)") - -set(APPLICATION_PATH "${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/applications/object_detection" CACHE STRING "Path to the application folder") +set(ML_INFERENCE_ENGINE "ETHOS" CACHE STRING "Machine Learning inference engine (ETHOS)") +set(AUDIO_SOURCE "ROM" CACHE STRING "Source of audio data (ROM | VSI)") +set(APPLICATION_PATH "${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/applications/object_detection" CACHE STRING "Path to the application folder") +set(AWS_OTA_SIGNATURE_TYPE "RSA-3072" CACHE STRING "Supported algorithms for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]") # From: ota-for-aws-iot-embedded-sdk/source/include/ota_appversion32.h # struct version @@ -67,6 +66,7 @@ list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/compon list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/components/ai/ml_embedded_evaluation_kit/integration/cmake) list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/components/security/trusted_firmware-m/integration/cmake) include(SetupMlEmbeddedEvaluationKitLibraries) +include(AWSIoTHelpers) include(GenerateAWSUpdateDigestAndSignature) include(MergeTfmImages) include(SignTfmImage) diff --git a/applications/object_detection/main.c b/applications/object_detection/main.c index a8573a4..05fd209 100644 --- a/applications/object_detection/main.c +++ b/applications/object_detection/main.c @@ -184,7 +184,7 @@ int main( void ) LogInfo( ( "Device key provisioning succeeded \n" ) ); - uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, 3072 ); + uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, AWS_OTA_SIGNATURE_KEY_LEN ); if( uxStatus != PSA_SUCCESS ) { diff --git a/applications/speech_recognition/CMakeLists.txt b/applications/speech_recognition/CMakeLists.txt index 9a3dbd6..99abe18 100644 --- a/applications/speech_recognition/CMakeLists.txt +++ b/applications/speech_recognition/CMakeLists.txt @@ -4,11 +4,10 @@ cmake_minimum_required(VERSION 3.21.0 FATAL_ERROR) -set(ML_INFERENCE_ENGINE "ETHOS" CACHE STRING "Machine Learning inference engine (ETHOS)") - -set(AUDIO_SOURCE "ROM" CACHE STRING "Source of audio data (ROM | VSI)") - -set(APPLICATION_PATH "${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/applications/speech_recognition" CACHE STRING "Path to the application folder") +set(ML_INFERENCE_ENGINE "ETHOS" CACHE STRING "Machine Learning inference engine (ETHOS)") +set(AUDIO_SOURCE "ROM" CACHE STRING "Source of audio data (ROM | VSI)") +set(APPLICATION_PATH "${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/applications/speech_recognition" CACHE STRING "Path to the application folder") +set(AWS_OTA_SIGNATURE_TYPE "RSA-3072" CACHE STRING "Supported algorithms for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]") # From: ota-for-aws-iot-embedded-sdk/source/include/ota_appversion32.h # struct version @@ -68,6 +67,7 @@ list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/compon list(APPEND CMAKE_MODULE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/components/security/trusted_firmware-m/integration/cmake) include(SetupMlEmbeddedEvaluationKitLibraries) include(ConvertAudioSourceToCode) +include(AWSIoTHelpers) include(GenerateAWSUpdateDigestAndSignature) include(MergeTfmImages) include(SignTfmImage) diff --git a/applications/speech_recognition/main.c b/applications/speech_recognition/main.c index 4575405..2021f8b 100644 --- a/applications/speech_recognition/main.c +++ b/applications/speech_recognition/main.c @@ -195,7 +195,7 @@ int main( void ) LogInfo( ( "Device key provisioning succeeded \n" ) ); - psa_status_t uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, 3072 ); + psa_status_t uxStatus = xOtaProvisionCodeSigningKey( &xOTACodeVerifyKeyHandle, AWS_OTA_SIGNATURE_KEY_LEN ); if( uxStatus != PSA_SUCCESS ) { diff --git a/bsp/CMakeLists.txt b/bsp/CMakeLists.txt index 1247864..eb101ad 100644 --- a/bsp/CMakeLists.txt +++ b/bsp/CMakeLists.txt @@ -182,7 +182,6 @@ set(ARM_CORSTONE_BSP_TARGET_PLATFORM_TFM_CMAKE_ARGS -DCONFIG_TFM_ENABLE_CP10CP11=ON -DMCUBOOT_GENERATE_SIGNING_KEYPAIR=ON -DMCUBOOT_LOG_LEVEL=INFO - -DMCUBOOT_SIGNATURE_KEY_LEN=3072 -DNS=ON -DPLATFORM_DEFAULT_PROVISIONING=OFF -DPLATFORM_DEFAULT_UART_STDOUT=ON diff --git a/components/aws_iot/cmake/AWSIoTHelpers.cmake b/components/aws_iot/cmake/AWSIoTHelpers.cmake new file mode 100644 index 0000000..d9087ec --- /dev/null +++ b/components/aws_iot/cmake/AWSIoTHelpers.cmake @@ -0,0 +1,37 @@ +# Copyright 2024, Arm Limited and/or its affiliates +# +# SPDX-License-Identifier: MIT + +#include(ExternalProject) +find_package(Python3) + +string(REGEX MATCH "^[A-Z]*" AWS_OTA_SIG_TYPE ${AWS_OTA_SIGNATURE_TYPE}) +string(REGEX MATCH "[0-9]*$" AWS_OTA_SIG_LEN ${AWS_OTA_SIGNATURE_TYPE}) +set(AWS_OTA_SIG_TYPE ${AWS_OTA_SIG_TYPE} CACHE INTERNAL "Ota signature algorythm") +set(AWS_OTA_SIG_LEN ${AWS_OTA_SIG_LEN} CACHE INTERNAL "Ota signature length") + +set(AWS_OTA_SIGNATURE_PRIVATE_KEY_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/certs/private_key.pem CACHE STRING "Ota signature private key path") +set(AWS_OTA_SIGNATURE_PUBLIC_KEY_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/certs/public_key.pem CACHE STRING "Ota signature public key path") +set(AWS_OTA_SIGNATURE_CERTIFICATE_PATH ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/certs/certificate.pem) #Only used for key generation script + +# NOTE: As of now generate_credentials.py is only capable of generating RSA keys +add_custom_command( + OUTPUT + ${AWS_OTA_SIGNATURE_PRIVATE_KEY_PATH} + ${AWS_OTA_SIGNATURE_PUBLIC_KEY_PATH} + COMMAND + ${Python3_EXECUTABLE} ${IOT_REFERENCE_ARM_CORSTONE3XX_SOURCE_DIR}/tools/scripts/generate_credentials.py + --certificate_country_name UK + --certificate_state_province_name Dummy + --certificate_locality_name Dummy + --certificate_org_name Arm + --certificate_out_path ${AWS_OTA_SIGNATURE_CERTIFICATE_PATH} + --private_key_out_path ${AWS_OTA_SIGNATURE_PRIVATE_KEY_PATH} + --public_key_out_path ${AWS_OTA_SIGNATURE_PUBLIC_KEY_PATH} + --key_bit_length ${AWS_OTA_SIG_LEN} +) +add_custom_target(aws_ota_signing_keys + SOURCES + ${AWS_OTA_SIGNATURE_PRIVATE_KEY_PATH} + ${AWS_OTA_SIGNATURE_PUBLIC_KEY_PATH} +) diff --git a/components/aws_iot/cmake/GenerateAWSUpdateDigestAndSignature.cmake b/components/aws_iot/cmake/GenerateAWSUpdateDigestAndSignature.cmake index 8df6ad0..b062a8e 100644 --- a/components/aws_iot/cmake/GenerateAWSUpdateDigestAndSignature.cmake +++ b/components/aws_iot/cmake/GenerateAWSUpdateDigestAndSignature.cmake @@ -1,10 +1,13 @@ -# Copyright 2023 Arm Limited and/or its affiliates +# Copyright 2023-2024, Arm Limited and/or its affiliates # # SPDX-License-Identifier: MIT -include(ExternalProject) - -ExternalProject_Get_Property(trusted_firmware-m-build BINARY_DIR) +if(${AWS_OTA_SIG_TYPE} STREQUAL "RSA") + set(RSA_PARAMS + -pkeyopt rsa_padding_mode:pss + -pkeyopt rsa_mgf1_md:sha256 + ) +endif() # This function is meant to generate the AWS update signature and digest # for the input parameter, the name of the signature @@ -24,9 +27,8 @@ function(iot_reference_arm_corstone3xx_generate_aws_update_digest_and_signature COMMAND openssl pkeyutl -sign -pkeyopt digest:sha256 - -pkeyopt rsa_padding_mode:pss - -pkeyopt rsa_mgf1_md:sha256 - -inkey ${BINARY_DIR}/api_ns/image_signing/keys/image_ns_signing_private_key.pem + ${RSA_PARAMS} + -inkey ${AWS_OTA_SIGNATURE_PRIVATE_KEY_PATH} -in $/${digest_name}.bin -out $/${signature_name}.bin COMMAND diff --git a/components/security/freertos_ota_pal_psa/integration/CMakeLists.txt b/components/security/freertos_ota_pal_psa/integration/CMakeLists.txt index 6ea6d5b..375f9a3 100644 --- a/components/security/freertos_ota_pal_psa/integration/CMakeLists.txt +++ b/components/security/freertos_ota_pal_psa/integration/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright 2023 Arm Limited and/or its affiliates +# Copyright 2023-2024, Arm Limited and/or its affiliates # # SPDX-License-Identifier: MIT @@ -7,10 +7,16 @@ add_library(freertos-ota-pal-psa ${freertos_ota_pal_psa_SOURCE_DIR}/ota_pal.c ) +if(NOT ${AWS_OTA_SIGNATURE_TYPE} STREQUAL "") + string(REGEX MATCH "^[A-Z]*" AWS_OTA_SIG_TYPE ${AWS_OTA_SIGNATURE_TYPE}) +endif() + target_compile_definitions(freertos-ota-pal-psa PRIVATE - OTA_PAL_CODE_SIGNING_ALGO=OTA_PAL_CODE_SIGNING_RSA - OTA_PAL_SIGNATURE_FORMAT=OTA_PAL_SIGNATURE_RAW + $<$:OTA_PAL_CODE_SIGNING_ALGO=OTA_PAL_CODE_SIGNING_RSA> + $<$:OTA_PAL_SIGNATURE_FORMAT=OTA_PAL_SIGNATURE_RAW> + $<$:OTA_PAL_CODE_SIGNING_ALGO=OTA_PAL_CODE_SIGNING_ECDSA> + $<$:OTA_PAL_SIGNATURE_FORMAT=OTA_PAL_SIGNATURE_ASN1_DER> ) target_include_directories(freertos-ota-pal-psa diff --git a/components/security/trusted_firmware-m/integration/cmake/BuildTfm.cmake b/components/security/trusted_firmware-m/integration/cmake/BuildTfm.cmake index 2e8b0f0..3622666 100644 --- a/components/security/trusted_firmware-m/integration/cmake/BuildTfm.cmake +++ b/components/security/trusted_firmware-m/integration/cmake/BuildTfm.cmake @@ -1,4 +1,4 @@ -# Copyright 2021-2023 Arm Limited and/or its affiliates +# Copyright 2021-2024, Arm Limited and/or its affiliates # # SPDX-License-Identifier: MIT @@ -7,6 +7,8 @@ # paths do not need to be listed. # is a placeholder keyword in ExternalProject_Add. +set(TFM_SIGNATURE_TYPE "EC-P256" CACHE STRING "Supported algorithms for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]") + set(tfm_ns_interface_generated /api_ns/interface/src/tfm_tz_psa_ns_api.c /api_ns/interface/src/tfm_ps_api.c @@ -48,7 +50,9 @@ ExternalProject_Add( BUILD_ALWAYS ON CMAKE_ARGS - -D TFM_TOOLCHAIN_FILE=/${tfm_toolchain_file} + -DTFM_TOOLCHAIN_FILE=/${tfm_toolchain_file} + -DMCUBOOT_SIGNATURE_TYPE=${TFM_SIGNATURE_TYPE} + -DTFM_BL1_LOG_LEVEL=LOG_LEVEL_INFO ${ARM_CORSTONE_BSP_TARGET_PLATFORM_TFM_CMAKE_ARGS} PATCH_COMMAND diff --git a/docs/applications/aws_iot/aws_iot_cloud_connection.md b/docs/applications/aws_iot/aws_iot_cloud_connection.md index 8a76cf5..8d789f6 100644 --- a/docs/applications/aws_iot/aws_iot_cloud_connection.md +++ b/docs/applications/aws_iot/aws_iot_cloud_connection.md @@ -102,7 +102,7 @@ in the next step. 1. Paste the signature string that is echoed during the build of the example (it is also available in `build/update-signature.txt`). -1. Select `SHA-256` and `RSA` algorithms. +1. Select `SHA-256` and `ECDSA` algorithms. 1. For **Path name of code signing certificate on device** put in `0` (the path is not used) 1. For **Path name of file on device** put in `non_secure image` diff --git a/tools/ci/license/license.schema b/tools/ci/license/license.schema index f9dde91..f79a132 100644 --- a/tools/ci/license/license.schema +++ b/tools/ci/license/license.schema @@ -73,7 +73,7 @@ "properties": { "path": { "type": "string", - "pattern": "\\.(html|json|md|log|in|map|rst|patch|wav|frm|release_ignore|ini|conf|options|toml|change|pylintrc)$" + "pattern": "\\.(html|json|md|log|in|map|rst|patch|wav|frm|release_ignore|ini|conf|options|toml|change|pylintrc|pem)$" }, "type": { "type": "string", diff --git a/tools/scripts/generate_credentials.py b/tools/scripts/generate_credentials.py index 9d3bdeb..9749c70 100644 --- a/tools/scripts/generate_credentials.py +++ b/tools/scripts/generate_credentials.py @@ -17,7 +17,7 @@ def main(args): key = rsa.generate_private_key( public_exponent=65537, - key_size=2048, + key_size=int(args.key_bit_length), ) with open(Path(args.private_key_out_path).parent / "private_key.pem", "wb") as f: f.write( @@ -27,6 +27,14 @@ def main(args): encryption_algorithm=serialization.NoEncryption(), ) ) + pub_key = key.public_key() + with open(Path(args.public_key_out_path).parent / "public_key.pem", "wb") as f: + f.write( + pub_key.public_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PublicFormat.SubjectPublicKeyInfo, + ) + ) subject = issuer = x509.Name( [ @@ -48,7 +56,7 @@ def main(args): x509.CertificateBuilder() .subject_name(subject) .issuer_name(issuer) - .public_key(key.public_key()) + .public_key(pub_key) .serial_number(x509.random_serial_number()) .not_valid_before(datetime.datetime.now(datetime.timezone.utc)) .not_valid_after( @@ -114,4 +122,16 @@ def main(args): default=".", required=False, ) + parser.add_argument( + "--public_key_out_path", + help="the path where public_key.pem will be generated", + default=".", + required=False, + ) + parser.add_argument( + "--key_bit_length", + help="the bit lenght of the generated private key", + default="2048", + required=False, + ) main(parser.parse_args()) diff --git a/tools/tests/aws_test_util.py b/tools/tests/aws_test_util.py index cd22411..8fa247e 100755 --- a/tools/tests/aws_test_util.py +++ b/tools/tests/aws_test_util.py @@ -1,4 +1,4 @@ -# Copyright 2023 Arm Limited and/or its affiliates +# Copyright 2023-2024, Arm Limited and/or its affiliates # # SPDX-License-Identifier: MIT @@ -34,7 +34,15 @@ def read_whole_file(path, mode="r"): class Flags: - def __init__(self, build_artefacts_path, credentials_dir, signed_update_bin_name): + def __init__( + self, + build_artefacts_path, + credentials_dir, + signed_update_bin_name, + signing_algo, + ): + if "EC" == signing_algo: + signing_algo = "ECDSA" self.BUILD_ARTEFACTS_PATH = build_artefacts_path self.TEST_ID = read_whole_file(Path(credentials_dir) / "test-id.txt").strip() self.AWS_ACCOUNT = boto3.client("sts").get_caller_identity().get("Account") @@ -67,7 +75,7 @@ def __init__(self, build_artefacts_path, credentials_dir, signed_update_bin_name }, "certificateChain": {"certificateName": "0"}, "hashAlgorithm": "SHA256", - "signatureAlgorithm": "RSA", + "signatureAlgorithm": signing_algo, }, }, } diff --git a/tools/tests/conftest.py b/tools/tests/conftest.py index 966f600..ba03bd1 100644 --- a/tools/tests/conftest.py +++ b/tools/tests/conftest.py @@ -29,6 +29,7 @@ def pytest_addoption(parser): parser.addoption("--fvp-options", action="store", default="") parser.addoption("--merged-elf-name", action="store", default="") parser.addoption("--signed-update-bin-name", action="store", default="") + parser.addoption("--signing-algo", action="store", default="RSA") parser.addoption("--timeout-seconds", type=int, action="store", default=1800) parser.addoption("--pass-output-file", action="store", default="") parser.addoption("--fail-output-file", action="store", default="") @@ -100,6 +101,11 @@ def signed_update_bin_name(pytestconfig): yield pytestconfig.getoption("--signed-update-bin-name") +@pytest.fixture +def signing_algo(pytestconfig): + yield pytestconfig.getoption("--signing-algo") + + @pytest.fixture def timeout_seconds(pytestconfig): yield pytestconfig.getoption("--timeout-seconds") diff --git a/tools/tests/test_applications.py b/tools/tests/test_applications.py index 890c629..b0af696 100755 --- a/tools/tests/test_applications.py +++ b/tools/tests/test_applications.py @@ -9,7 +9,9 @@ @fixture(scope="function") -def setup_resources(build_artefacts_path, credentials_path, signed_update_bin_name): +def setup_resources( + build_artefacts_path, credentials_path, signed_update_bin_name, signing_algo +): """ Setup resources needed to run the test. @@ -18,7 +20,9 @@ def setup_resources(build_artefacts_path, credentials_path, signed_update_bin_na signed_update_bin_name: Name of the binary to be used for the OTA update. """ - flags = Flags(build_artefacts_path, credentials_path, signed_update_bin_name) + flags = Flags( + build_artefacts_path, credentials_path, signed_update_bin_name, signing_algo + ) flags = create_aws_resources(flags) try: # Caller won't actually do anything with this, but we have to yield something. diff --git a/tools/tests/test_integration.py b/tools/tests/test_integration.py index 043583a..5d9b009 100755 --- a/tools/tests/test_integration.py +++ b/tools/tests/test_integration.py @@ -19,7 +19,10 @@ @fixture(scope="function") def setup_resources( - build_artefacts_path: str, credentials_path: str, signed_update_bin_name: str + build_artefacts_path: str, + credentials_path: str, + signed_update_bin_name: str, + signing_algo: str, ): """ Setup resources needed to run the test. @@ -28,7 +31,9 @@ def setup_resources( credentials_path: Path to AWS credentials. signed_update_bin_name: Name of the binary to be used for the OTA update. """ - flags = Flags(build_artefacts_path, credentials_path, signed_update_bin_name) + flags = Flags( + build_artefacts_path, credentials_path, signed_update_bin_name, signing_algo + ) flags = create_aws_resources(flags) try: # Caller won't actually do anything with this, but we have to yield something. From cf2836e7a1f419b86b5402d01b47fe0557628f05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Fri, 16 Aug 2024 07:21:14 +0200 Subject: [PATCH 08/12] docs: Update python version and packages list in `linux_dev_env.md` MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- docs/development_environment/linux_dev_env.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/development_environment/linux_dev_env.md b/docs/development_environment/linux_dev_env.md index 5783886..d6be5e5 100644 --- a/docs/development_environment/linux_dev_env.md +++ b/docs/development_environment/linux_dev_env.md @@ -25,7 +25,7 @@ ```bash sudo apt update - sudo apt install python3.8-venv -y + sudo apt install python3.10-venv -y python3 -m venv ~/fri-venv source ~/fri-venv/bin/activate ``` @@ -34,7 +34,7 @@ ```bash sudo apt install python3-pip -y - python3 -m pip install ninja imgtool cffi intelhex cbor2 jinja2 PyYaml pyelftools click pyhsslms + python3 -m pip install ninja imgtool cffi intelhex cbor2 jinja2 PyYaml pyelftools click pyhsslms cbor cmake setuptools wheel ``` **NOTE**: The virtual environment can be deactivated when not needed anymore From 570bcf86f34b1dae2e5c38728aa387fbedb2a013 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Wed, 11 Sep 2024 11:05:06 +0200 Subject: [PATCH 09/12] docs: Update docker Ubuntu version MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- docs/development_environment/linux_dev_env.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/development_environment/linux_dev_env.md b/docs/development_environment/linux_dev_env.md index d6be5e5..657e6ec 100644 --- a/docs/development_environment/linux_dev_env.md +++ b/docs/development_environment/linux_dev_env.md @@ -2,8 +2,8 @@ ## Build requirements -* Ubuntu 20.04. Please note that the following instructions are - validated on Ubuntu 20.04. +* Ubuntu 22.04. Please note that the following instructions are + validated on Ubuntu 22.04. * Git configuration * `git-apply` is used to apply the required patches during CMake configuration. In order for this to succeed, a minimum of `User Name` and `User Email` From 28bc2c21e2cfaaacd90fe6610052308f63a766fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Wed, 25 Sep 2024 23:30:53 +0200 Subject: [PATCH 10/12] docs: Add Corstone-320 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- README.md | 2 ++ docs/applications/blinky.md | 6 +++--- .../running_aws_iot_core_device_advisor_tests.md | 6 +++--- docs/applications/keyword_detection.md | 6 +++--- docs/applications/object_detection.md | 6 +++--- docs/applications/speech_recognition.md | 6 +++--- 6 files changed, 17 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index e533686..7f84722 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,8 @@ is used to run the application artefacts. The [currently released version <11.24.22>](https://developer.arm.com/downloads/-/arm-ecosystem-fvps) of FVP is supported by the FRI. +* [Corstone-320](https://developer.arm.com/Processors/Corstone-320) + * Arm Cortex-M85 CPU, Ethos-U85 NPU and Mali-C55 ISP * [Corstone-315](https://developer.arm.com/Processors/Corstone-315) * Arm Cortex-M85 CPU, Ethos-U65 NPU and Mali-C55 ISP * [Corstone-310](https://developer.arm.com/Processors/Corstone-310) diff --git a/docs/applications/blinky.md b/docs/applications/blinky.md index 3bb4cf9..77684e7 100644 --- a/docs/applications/blinky.md +++ b/docs/applications/blinky.md @@ -19,19 +19,19 @@ setup correctly before proceeding. To build the blinky example, run the following command: ```bash -./tools/scripts/build.sh blinky --target --toolchain +./tools/scripts/build.sh blinky --target --toolchain ``` Run the command below to perform a clean build: ```bash -./tools/scripts/build.sh blinky --target --toolchain -c +./tools/scripts/build.sh blinky --target --toolchain -c ``` ## Running the application To run the blinky example, run the following command: ```bash -./tools/scripts/run.sh blinky --target +./tools/scripts/run.sh blinky --target ``` ### Expected output diff --git a/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md b/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md index 47bf6ac..5a98fcd 100644 --- a/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md +++ b/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md @@ -65,7 +65,7 @@ Save and close the file. To build the application, run the following command: ```bash -./tools/scripts/build.sh ${APPLICATION_NAME} --certificate_path --private_key_path --target --toolchain GNU --conn-stack --psa-crypto-implementation +./tools/scripts/build.sh ${APPLICATION_NAME} --certificate_path --private_key_path --target --toolchain GNU --conn-stack --psa-crypto-implementation ``` * The `certificate pem's path` and `private key pem's path` should be the downloaded key's and certificate's paths during the Thing creation. @@ -73,7 +73,7 @@ To build the application, run the following command: Or, run the command below to perform a clean build: ```bash -./tools/scripts/build.sh ${APPLICATION_NAME} --certificate_path --private_key_path --target --toolchain GNU --conn-stack --psa-crypto-implementation -c +./tools/scripts/build.sh ${APPLICATION_NAME} --certificate_path --private_key_path --target --toolchain GNU --conn-stack --psa-crypto-implementation -c ``` ## Running the application @@ -87,7 +87,7 @@ to start the [previously created](#creating-aws-iot-core-qualification-test-suit Now run the application by running the following command: ```bash -./tools/scripts/run.sh ${APPLICATION_NAME} --target +./tools/scripts/run.sh ${APPLICATION_NAME} --target ``` Once the device advisor has completed all the tests, you can download the AWS diff --git a/docs/applications/keyword_detection.md b/docs/applications/keyword_detection.md index 04b1aac..b52bc92 100644 --- a/docs/applications/keyword_detection.md +++ b/docs/applications/keyword_detection.md @@ -47,7 +47,7 @@ Follow the instructions described in [Setting Up AWS Connectivity](./aws_iot/set To build the Keyword-Detection example, run the following command: ```bash -./tools/scripts/build.sh keyword-detection --certificate_path --private_key_path --target --inference --audio --toolchain --conn-stack --psa-crypto-implementation +./tools/scripts/build.sh keyword-detection --certificate_path --private_key_path --target --inference --audio --toolchain --conn-stack --psa-crypto-implementation ``` * The `certificate pem's path` and `private key pem's path` should be the downloaded key's and certificate's path if you chose the **Auto-generate a new certificate** during the Thing creation. If you chose **Skip creating a certificate at this time** then these paths should locate the generated credential files that were created by the `./tools/scripts/generate_credentials.py` script in the previous step. @@ -63,7 +63,7 @@ implementation, please refer to [Mbed TLS document](../components/security/mbedt Or, run the command below to perform a clean build: ```bash -./tools/scripts/build.sh keyword-detection --certificate_path --private_key_path --target --inference --audio --toolchain --conn-stack --psa-crypto-implementation -c +./tools/scripts/build.sh keyword-detection --certificate_path --private_key_path --target --inference --audio --toolchain --conn-stack --psa-crypto-implementation -c ``` ## Provisioning the device credentials into Protected Storage @@ -82,7 +82,7 @@ If you would like to run the keyword detection application using VSI configurati To run the Keyword-Detection example, run the following command: ```bash -./tools/scripts/run.sh keyword-detection --target --audio +./tools/scripts/run.sh keyword-detection --target --audio ``` ### Expected output diff --git a/docs/applications/object_detection.md b/docs/applications/object_detection.md index 656a999..4086ca9 100644 --- a/docs/applications/object_detection.md +++ b/docs/applications/object_detection.md @@ -25,7 +25,7 @@ Follow the instructions described in [Setting Up AWS Connectivity](./aws_iot/set To build the Object-Detection example, run the following command: ```bash -./tools/scripts/build.sh object-detection --certificate_path --private_key_path -t corstone315 --toolchain GNU --conn-stack --psa-crypto-implementation +./tools/scripts/build.sh object-detection --certificate_path --private_key_path -t --toolchain GNU --conn-stack --psa-crypto-implementation ``` - The `certificate pem's path` and `private key pem's path` should be the downloaded key's and certificate's path if you chose the **Auto-generate a new certificate** during the Thing creation. If you chose **Skip creating a certificate at this time** then these paths should locate the generated credential files that were created by the `./tools/scripts/generate_credentials.py` script in the previous step. @@ -38,7 +38,7 @@ implementation, please refer to [Mbed TLS document](../components/security/mbedt Or, run the command below to perform a clean build: ```bash -./tools/scripts/build.sh object-detection --certificate_path --private_key_path -t corstone315 --toolchain GNU --conn-stack --psa-crypto-implementation -c +./tools/scripts/build.sh object-detection --certificate_path --private_key_path -t --toolchain GNU --conn-stack --psa-crypto-implementation -c ``` ## Provisioning the device credentials into Protected Storage @@ -48,7 +48,7 @@ Check [Device Provisioning](./device_provisioning/device_provisioning.md) for de ## Running the application ```bash -./tools/scripts/run.sh object-detection -t corstone315 --frames applications/object_detection/resources/test.frm +./tools/scripts/run.sh object-detection -t --frames applications/object_detection/resources/test.frm ``` - The `frames` is used to select the input frames file. diff --git a/docs/applications/speech_recognition.md b/docs/applications/speech_recognition.md index a6c0582..85fd0c9 100644 --- a/docs/applications/speech_recognition.md +++ b/docs/applications/speech_recognition.md @@ -27,7 +27,7 @@ Follow the instructions described in [Setting Up AWS Connectivity](./aws_iot/set To build the Speech-Recognition example, run the following command: ```bash -./tools/scripts/build.sh speech-recognition --certificate_path --private_key_path --target --inference ETHOS --audio --toolchain --conn-stack --psa-crypto-implementation +./tools/scripts/build.sh speech-recognition --certificate_path --private_key_path --target --inference ETHOS --audio --toolchain --conn-stack --psa-crypto-implementation ``` * The `certificate pem's path` and `private key pem's path` should be the downloaded key's and certificate's path if you chose the **Auto-generate a new certificate** during the Thing creation. If you chose **Skip creating a certificate at this time** then these paths should locate the generated credential files that were created by the `./tools/scripts/generate_credentials.py` script in the previous step. @@ -41,7 +41,7 @@ implementation, please refer to [Mbed TLS document](../components/security/mbedt Or, run the command below to perform a clean build: ```bash -./tools/scripts/build.sh speech-recognition --certificate_path --private_key_path --target --inference ETHOS --audio --toolchain --conn-stack --psa-crypto-implementation -c +./tools/scripts/build.sh speech-recognition --certificate_path --private_key_path --target --inference ETHOS --audio --toolchain --conn-stack --psa-crypto-implementation -c ``` ## Provisioning the device credentials into Protected Storage @@ -60,7 +60,7 @@ If you would like to run the speech recognition application using VSI configurat To run the Speech-Recognition example, run the following command: ```bash -./tools/scripts/run.sh speech-recognition --target --audio +./tools/scripts/run.sh speech-recognition --target --audio ``` ### Expected output From eb0b5f2b1bcd892e059a7680de4b8735a844e172 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Thu, 19 Sep 2024 14:19:06 +0200 Subject: [PATCH 11/12] docs: Update AWS Qualification test descriptions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- ...nning_aws_iot_core_device_advisor_tests.md | 59 ++++++++++++++++--- 1 file changed, 52 insertions(+), 7 deletions(-) diff --git a/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md b/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md index 5a98fcd..ce549d4 100644 --- a/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md +++ b/docs/applications/device_advisor/running_aws_iot_core_device_advisor_tests.md @@ -6,25 +6,70 @@ to learn more about the device advisor. ## Creating an IoT thing -Follow the instructions described in the section listed below to create an IoT thing for your device. +Follow the instructions described in the section listed below to create an [IoT thing][creating-an-iot-thing-for-your-device], policy, IAM Policy and IAM role +for your device. -* [IoT thing][creating-an-iot-thing-for-your-device] - -## Creating roles and policies - -Follow the instructions described in the [page](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-setting-up.html#da-iam-role) to create a policy for your IoT thing and then a device advisor role. +## Setting up IAM Roles and Policies * Create an IAM role to use as your device role. * As part of creating the policy, the topic and topic filter shall be assigned a value `*` and the `clientId` should match the IoT thing name. * Create a custom-managed policy for an IAM user to use Device Advisor * Create an IAM user to use Device Advisor (AWS recommendation) +1. Go to the [IAM Dashboard](https://us-east-1.console.aws.amazon.com/iam/home?region=us-west-2#/home). +2. In the left navigation pane under **Access management** select **Policies**, then click on **Create policy**. + * Select the `IoT` service, then click on **Next**. + * Under `IoT` **Actions allowed** select the following: `Connect`, `Publish`, `Subscribe`, `Receive` and + `RetainPublish`.\ + Under **Resources**: Ether keep it on `All`, or specify the **client**, **topic** and **topicfilter** with + clicking on **Add ARNs**. + Make sure that you select the same **Resource region** that you specified when creating your **IoT Thing**, + or specify it as `*`. You can set the **Resource client** as your **IoT Thing** name or `*`. In the end you should see: + ```text + client: arn:aws:iot:eu-west-1:{account-id}:client/* + topic: arn:aws:iot:eu-west-1:{account-id}:topic/* + topicfilter: arn:aws:iot:eu-west-1:{account-id}:topicfilter/* + ``` + then click on **Next**. + * Give a **Policy name** in which you can include the **region** you are using, like: + `Proj-device-advisor-eu-west-1-any`, and click on **Create policy**. +3. In the left navigation pane under **Access management** select **Roles**, then click on **Create role**. + * Select `Custom trust policy`, and set the following **Trust policy**: + ```json + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "AllowAwsIoTCoreDeviceAdvisor", + "Effect": "Allow", + "Principal": { + "Service": "iotdeviceadvisor.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + ``` + then click on **Next**. + * Under **Permission policies** select the policy that you previously defined, like: + `Proj-device-advisor-eu-west-1-any`.\ + Under **Set permission boundary** select `Use a permissions boundary to control the maximum role permissions` if + you have predefined boundary's, then select your project admin boundary. + Then click on **Next**. + * Set the role name, like: `Proj-device-advisor-role-eu-west-1-any`, then click on **Create role**. + +For more information follow the instructions described in the +[page](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-setting-up.html#da-iam-role) +to create a policy for your IoT thing and then a device advisor role. + ## Creating AWS IoT Core Qualification test suite Follow the instructions described the [page](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-console-tutorial.html#device-advisor-console-create-suite) to create AWS IoT Core Qualification test suite. -The `Trigger Topic` property should be set to the value of `deviceAdvisorTOPIC_FORMAT` macro available at [aws_device_advisor_task.h](../../../applications/helpers/device_advisor/inc/aws_device_advisor_task.h) for `TLS Receive Maximum Size Fragments` test. +- The `Trigger Topic` property should be set to the value of `deviceAdvisorTOPIC_FORMAT` macro available at [aws_device_advisor_task.h](../../../applications/helpers/device_advisor/inc/aws_device_advisor_task.h) for `TLS Receive Maximum Size Fragments` test. +- The Device role should be a previously created IAM Role, like: `Proj-device-advisor-role-eu-west-1-any`. +- **Make sure that this role is also set up for the same region, that your test is using, or any!** ## Configuring the application to connect to AWS IoT Core Device Advisor From 0e8f2bac07efa0979408a6d29c5526c3702342a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gergely=20Korcs=C3=A1k?= Date: Mon, 30 Sep 2024 17:05:52 +0200 Subject: [PATCH 12/12] docker: Add Corstone-320 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gergely Korcsák --- .devcontainer/Dockerfile | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 701b19e..ac915ba 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -186,6 +186,20 @@ RUN rm -rf /home/ubuntu/FVP_Corstone_SSE-315; \ rm -rf /tmp/arm-ecosystem-fvp ENV PATH="/home/ubuntu/FVP_Corstone_SSE-315/models/Linux64_armv8l_GCC-9.3:/home/ubuntu/FVP_Corstone_SSE-315/models/Linux64_GCC-9.3:${PATH}" +# Download and install Corstone-320 ecosystem FVP +RUN rm -rf /home/ubuntu/FVP_Corstone_SSE-320; \ + mkdir /tmp/arm-ecosystem-fvp; \ + FVP_LINK=""; \ + if [[ $(uname -m) == "aarch64" ]]; then \ + FVP_LINK="_armv8l"; \ + fi; \ + wget -qO - https://developer.arm.com/-/media/Arm%20Developer%20Community/Downloads/OSS/FVP/Corstone-320/FVP_Corstone_SSE-320_11.27_25_Linux64${FVP_LINK}.tgz \ + | tar -xz -C /tmp/arm-ecosystem-fvp; \ + cd /tmp/arm-ecosystem-fvp && ./FVP_Corstone_SSE-320.sh --i-agree-to-the-contained-eula --no-interactive -q; \ + rm -rf /tmp/arm-ecosystem-fvp +ENV PATH="/home/ubuntu/FVP_Corstone_SSE-320/models/Linux64_armv8l_GCC-9.3:/home/ubuntu/FVP_Corstone_SSE-320/models/Linux64_GCC-9.3:${PATH}" +ENV LD_LIBRARY_PATH=/home/ubuntu/FVP_Corstone_SSE-320/python/lib + # Install uncrustify # With ubuntu 22.04, the version of uncrustify installed is 0.72.0+dfsg1-2. # However, we need the version 0.69.0. Therefore, build and install it manually.