release: Zephyr 2.7.6

Set version to 2.7.6

Signed-off-by: Christopher Friedt <cfriedt@meta.com>

.github/workflows/backport.yml

@@ -9,7 +9,7 @@ on:
 
 jobs:
   backport:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     name: Backport
     steps:
       - name: Backport

.github/workflows/backport_issue_check.yml

@@ -0,0 +1,30 @@
+name: Backport Issue Check
+
+on:
+  pull_request_target:
+    branches:
+      - v*-branch
+
+jobs:
+  backport:
+    name: Backport Issue Check
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Check out source code
+        uses: actions/checkout@v3
+
+      - name: Install Python dependencies
+        run: |
+          sudo pip3 install -U setuptools wheel pip
+          pip3 install -U pygithub
+
+      - name: Run backport issue checker
+        env:
+          GITHUB_TOKEN: ${{ secrets.ZB_GITHUB_TOKEN }}
+        run: |
+          ./scripts/release/list_backports.py \
+            -o ${{ github.event.repository.owner.login }} \
+            -r ${{ github.event.repository.name }} \
+            -b ${{ github.event.pull_request.base.ref }} \
+            -p ${{ github.event.pull_request.number }}

.github/workflows/bluetooth-tests-publish.yaml

@@ -0,0 +1,29 @@
+name: Publish Bluetooth Tests Results
+
+on:
+  workflow_run:
+    workflows: ["Bluetooth Tests"]
+    types:
+      - completed
+jobs:
+  bluetooth-test-results:
+    name: "Publish Bluetooth Test Results"
+    runs-on: ubuntu-20.04
+    if: github.event.workflow_run.conclusion != 'skipped'
+
+    steps:
+      - name: Download artifacts
+        uses: dawidd6/action-download-artifact@v2
+        with:
+          workflow: bluetooth-tests.yaml
+          run_id: ${{ github.event.workflow_run.id }}
+
+      - name: Publish Bluetooth Test Results
+        uses: EnricoMi/publish-unit-test-result-action@v1
+        with:
+          check_name: Bluetooth Test Results
+          comment_mode: off
+          commit: ${{ github.event.workflow_run.head_sha }}
+          event_file: event/event.json
+          event_name: ${{ github.event.workflow_run.event }}
+          files: "bluetooth-test-results/**/bsim_results.xml"

.github/workflows/bluetooth-tests.yaml

@@ -1,7 +1,7 @@
 name: Bluetooth Tests
 
 on:
-  pull_request_target:
+  pull_request:
     paths:
       - "west.yml"
       - "subsys/bluetooth/**"
@@ -10,17 +10,13 @@ on:
       - "soc/posix/**"
       - "arch/posix/**"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
 jobs:
-  bluetooth-test-prep:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
-  bluetooth-test-build:
-    runs-on: ubuntu-latest
-    needs: bluetooth-test-prep
+  bluetooth-test:
+    runs-on: ubuntu-20.04
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
@@ -38,10 +34,7 @@ jobs:
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
       - name: checkout
-        uses: actions/checkout@v2
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          fetch-depth: 0
+        uses: actions/checkout@v3
 
       - name: west setup
         run: |
@@ -58,28 +51,17 @@ jobs:
 
       - name: Upload Test Results
         if: always()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
-          name: Bluetooth Test Results
-          path: ./bsim_bt_out/bsim_results.xml
+          name: bluetooth-test-results
+          path: |
+            ./bsim_bt_out/bsim_results.xml
+            ${{ github.event_path }}
 
-  bluetooth-test-results:
-    name: "Publish Bluetooth Test Results"
-    needs: bluetooth-test-build
-    runs-on: ubuntu-20.04
-      # the build-and-test job might be skipped, we don't need to run this job then
-    if: success() || failure()
-
-    steps:
-      - name: Download Artifacts
-        uses: actions/download-artifact@v2
+      - name: Upload Event Details
+        if: always()
+        uses: actions/upload-artifact@v3
         with:
-          path: artifacts
-
-      - name: Publish Bluetooth Test Results
-        uses: EnricoMi/publish-unit-test-result-action@v1
-        with:
-          check_name: Bluetooth Test Results
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          files: "**/bsim_results.xml"
-          comment_mode: off
+          name: event
+          path: |
+            ${{ github.event_path }}

.github/workflows/clang.yaml

@@ -2,22 +2,18 @@ name: Build with Clang/LLVM
 
 on: pull_request_target
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
 jobs:
-  clang-build-prep:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
   clang-build:
-    runs-on: zephyr_runner
-    needs: clang-build-prep
+    runs-on: zephyr-runner-linux-x64-4xlarge
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
       volumes:
-        - /home/runners/zephyrproject:/github/cache/zephyrproject
+        - /repo-cache/zephyrproject:/github/cache/zephyrproject
     strategy:
       fail-fast: false
       matrix:
@@ -30,15 +26,18 @@ jobs:
     outputs:
       report_needed: ${{ steps.twister.outputs.report_needed }}
     steps:
-      - name: Cleanup
+      - name: Clone cached Zephyr repository
+        continue-on-error: true
         run: |
-          # hotfix, until we have a better way to deal with existing data
-          rm -rf zephyr zephyr-testing
+          git clone --shared /github/cache/zephyrproject/zephyr .
+          git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}
+
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Environment Setup
         run: |
@@ -71,7 +70,7 @@ jobs:
           string(TIMESTAMP current_date "%Y-%m-%d-%H;%M;%S" UTC)
           string(REPLACE "/" "_" repo ${{github.repository}})
           string(REPLACE "-" "_" repo2 ${repo})
-          message("::set-output name=repo::${repo2}")
+          file(APPEND $ENV{GITHUB_OUTPUT} "repo=${repo2}\n")
       - name: use cache
         id: cache-ccache
         uses: nashif/action-s3-cache@master
@@ -79,8 +78,8 @@ jobs:
           key: ${{ steps.ccache_cache_timestamp.outputs.repo }}-${{ github.ref_name }}-clang-${{ matrix.platform }}-ccache
           path: /github/home/.ccache
           aws-s3-bucket: ccache.zephyrproject.org
-          aws-access-key-id: ${{ secrets.CCACHE_S3_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.CCACHE_S3_SECRET_ACCESS_KEY }}
+          aws-access-key-id: ${{ vars.AWS_CCACHE_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_CCACHE_SECRET_ACCESS_KEY }}
           aws-region: us-east-2
 
       - name: ccache stats initial
@@ -99,12 +98,12 @@ jobs:
 
           # We can limit scope to just what has changed
           if [ -s testplan.csv ]; then
-            echo "::set-output name=report_needed::1";
+            echo "report_needed=1" >> $GITHUB_OUTPUT
             # Full twister but with options based on changes
             ./scripts/twister --inline-logs -M -N -v --load-tests testplan.csv --retry-failed 2
           else
             # if nothing is run, skip reporting step
-            echo "::set-output name=report_needed::0";
+            echo "report_needed=0" >> $GITHUB_OUTPUT
           fi
 
       - name: ccache stats post
@@ -113,7 +112,7 @@ jobs:
 
       - name: Upload Unit Test Results
         if: always() && steps.twister.outputs.report_needed != 0
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: Unit Test Results (Subset ${{ matrix.platform }})
           path: twister-out/twister.xml

.github/workflows/codecov.yaml

@@ -4,22 +4,18 @@ on:
   schedule:
     - cron: '25 */3 * * 1-5'
 
-jobs:
-  codecov-prep:
-    runs-on: ubuntu-latest
-    if: github.repository == 'zephyrproject-rtos/zephyr'
-    steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
 
+jobs:
   codecov:
-    runs-on: zephyr_runner
-    needs: codecov-prep
+    runs-on: zephyr-runner-linux-x64-4xlarge
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
+      volumes:
+        - /repo-cache/zephyrproject:/github/cache/zephyrproject
     strategy:
       fail-fast: false
       matrix:
@@ -32,8 +28,14 @@ jobs:
         run: |
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
+      - name: Clone cached Zephyr repository
+        continue-on-error: true
+        run: |
+          git clone --shared /github/cache/zephyrproject/zephyr .
+          git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}
+
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
@@ -54,7 +56,7 @@ jobs:
         run: |
           string(REPLACE "/" "_" repo ${{github.repository}})
           string(REPLACE "-" "_" repo2 ${repo})
-          message("::set-output name=repo::${repo2}")
+          file(APPEND $ENV{GITHUB_OUTPUT} "repo=${repo2}\n")
 
       - name: use cache
         id: cache-ccache
@@ -63,8 +65,8 @@ jobs:
           key: ${{ steps.ccache_cache_prop.outputs.repo }}-${{github.event_name}}-${{matrix.platform}}-codecov-ccache
           path: /github/home/.ccache
           aws-s3-bucket: ccache.zephyrproject.org
-          aws-access-key-id: ${{ secrets.CCACHE_S3_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.CCACHE_S3_SECRET_ACCESS_KEY }}
+          aws-access-key-id: ${{ vars.AWS_CCACHE_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_CCACHE_SECRET_ACCESS_KEY }}
           aws-region: us-east-2
 
       - name: ccache stats initial
@@ -94,7 +96,7 @@ jobs:
 
       - name: Upload Coverage Results
         if: always()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: Coverage Data (Subset ${{ matrix.platform }})
           path: coverage/reports/${{ matrix.platform }}.info
@@ -108,7 +110,7 @@ jobs:
 
     steps:
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Download Artifacts
@@ -144,8 +146,8 @@ jobs:
               set(MERGELIST "${MERGELIST} -a ${f}")
             endif()
           endforeach()
-          message("::set-output name=mergefiles::${MERGELIST}")
-          message("::set-output name=covfiles::${FILELIST}")
+          file(APPEND $ENV{GITHUB_OUTPUT} "mergefiles=${MERGELIST}\n")
+          file(APPEND $ENV{GITHUB_OUTPUT} "covfiles=${FILELIST}\n")
 
       - name: Merge coverage files
         run: |

.github/workflows/coding_guidelines.yml

@@ -4,17 +4,17 @@ on: pull_request
 
 jobs:
   compliance_job:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     name: Run coding guidelines checks on patch series (PR)
     steps:
     - name: Checkout the code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         ref: ${{ github.event.pull_request.head.sha }}
         fetch-depth: 0
 
     - name: cache-pip
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: ${{ runner.os }}-doc-pip

.github/workflows/compliance.yml

@@ -4,11 +4,11 @@ on: pull_request
 
 jobs:
   maintainer_check:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     name: Check MAINTAINERS file
     steps:
     - name: Checkout the code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         ref: ${{ github.event.pull_request.head.sha }}
         fetch-depth: 0
@@ -20,7 +20,7 @@ jobs:
         python3 ./scripts/get_maintainer.py path CMakeLists.txt
 
   check_compliance:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     name: Run compliance checks on patch series (PR)
     steps:
     - name: Update PATH for west
@@ -28,13 +28,13 @@ jobs:
         echo "$HOME/.local/bin" >> $GITHUB_PATH
 
     - name: Checkout the code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         ref: ${{ github.event.pull_request.head.sha }}
         fetch-depth: 0
 
     - name: cache-pip
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: ${{ runner.os }}-doc-pip
@@ -72,7 +72,7 @@ jobs:
         ./scripts/ci/check_compliance.py -m Codeowners -m Devicetree -m Gitlint -m Identity -m Nits -m pylint -m checkpatch -m Kconfig -c origin/${BASE_REF}..
 
     - name: upload-results
-      uses: actions/upload-artifact@master
+      uses: actions/upload-artifact@v3
       continue-on-error: True
       with:
         name: compliance.xml

.github/workflows/daily_test_version.yml

@@ -12,15 +12,15 @@ on:
 
 jobs:
   get_version:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     if: github.repository == 'zephyrproject-rtos/zephyr'
 
     steps:
     - name: Configure AWS Credentials
       uses: aws-actions/configure-aws-credentials@v1
       with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_TESTING }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_TESTING }}
+        aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }}
         aws-region: us-east-1
 
     - name: install-pip
@@ -28,7 +28,7 @@ jobs:
         pip3 install gitpython
 
     - name: checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         fetch-depth: 0
 

.github/workflows/devicetree_checks.yml

@@ -6,10 +6,14 @@ name: Devicetree script tests
 
 on:
   push:
+    branches:
+    - v2.7-branch
     paths:
     - 'scripts/dts/**'
     - '.github/workflows/devicetree_checks.yml'
   pull_request:
+    branches:
+    - v2.7-branch
     paths:
     - 'scripts/dts/**'
     - '.github/workflows/devicetree_checks.yml'
@@ -21,20 +25,22 @@ jobs:
     strategy:
       matrix:
         python-version: [3.6, 3.7, 3.8]
-        os: [ubuntu-latest, macos-latest, windows-latest]
+        os: [ubuntu-20.04, macos-11, windows-2022]
         exclude:
-          - os: macos-latest
+          - os: macos-11
+            python-version: 3.6
+          - os: windows-2022
             python-version: 3.6
     steps:
     - name: checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
     - name: cache-pip-linux
       if: startsWith(runner.os, 'Linux')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: ${{ runner.os }}-pip-${{ matrix.python-version }}
@@ -42,7 +48,7 @@ jobs:
           ${{ runner.os }}-pip-${{ matrix.python-version }}
     - name: cache-pip-mac
       if: startsWith(runner.os, 'macOS')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/Library/Caches/pip
         # Trailing '-' was just to get a different cache name
@@ -51,7 +57,7 @@ jobs:
           ${{ runner.os }}-pip-${{ matrix.python-version }}-
     - name: cache-pip-win
       if: startsWith(runner.os, 'Windows')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~\AppData\Local\pip\Cache
         key: ${{ runner.os }}-pip-${{ matrix.python-version }}

.github/workflows/doc-build.yml

@@ -5,10 +5,10 @@ name: Documentation Build
 
 on:
   schedule:
-    - cron: '0 */3 * * *'
+  - cron: '0 */3 * * *'
   push:
     tags:
-      - v*
+    - v*
   pull_request:
     paths:
     - 'doc/**'
@@ -34,18 +34,23 @@ env:
 jobs:
   doc-build-html:
     name: "Documentation Build (HTML)"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
+    timeout-minutes: 30
+
+    concurrency:
+      group: doc-build-html-${{ github.ref }}
+      cancel-in-progress: true
 
     steps:
     - name: checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     - name: install-pkgs
       run: |
         sudo apt-get install -y ninja-build doxygen graphviz
 
     - name: cache-pip
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: pip-${{ hashFiles('scripts/requirements-doc.txt') }}
@@ -69,38 +74,71 @@ jobs:
           DOC_TAG="development"
         fi
 
-        DOC_TAG=${DOC_TAG} SPHINXOPTS="-q -W -j auto" make -C doc html
+        if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+          DOC_TARGET="html-fast"
+        else
+          DOC_TARGET="html"
+        fi
+
+        DOC_TAG=${DOC_TAG} SPHINXOPTS="-q -W" make -C doc ${DOC_TARGET}
 
     - name: compress-docs
       run: |
         tar cfJ html-output.tar.xz --directory=doc/_build html
 
     - name: upload-build
-      uses: actions/upload-artifact@master
+      uses: actions/upload-artifact@v3
       with:
         name: html-output
         path: html-output.tar.xz
 
+    - name: process-pr
+      if: github.event_name == 'pull_request'
+      run: |
+        REPO_NAME="${{ github.event.repository.name }}"
+        PR_NUM="${{ github.event.pull_request.number }}"
+        DOC_URL="https://builds.zephyrproject.io/${REPO_NAME}/pr/${PR_NUM}/docs/"
+
+        echo "${PR_NUM}" > pr_num
+        echo "::notice:: Documentation will be available shortly at: ${DOC_URL}"
+
+    - name: upload-pr-number
+      uses: actions/upload-artifact@v3
+      if: github.event_name == 'pull_request'
+      with:
+        name: pr_num
+        path: pr_num
+
   doc-build-pdf:
     name: "Documentation Build (PDF)"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     container: texlive/texlive:latest
+    timeout-minutes: 30
+    concurrency:
+      group: doc-build-pdf-${{ github.ref }}
+      cancel-in-progress: true
 
     steps:
     - name: checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     - name: install-pkgs
       run: |
         apt-get update
-        apt-get install -y python3-pip ninja-build doxygen graphviz librsvg2-bin
+        apt-get install -y python3-pip python3-venv ninja-build doxygen graphviz librsvg2-bin
 
     - name: cache-pip
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: pip-${{ hashFiles('scripts/requirements-doc.txt') }}
 
+    - name: setup-venv
+      run: |
+        python3 -m venv .venv
+        . .venv/bin/activate
+        echo PATH=$PATH >> $GITHUB_ENV
+
     - name: install-pip
       run: |
         pip3 install -U setuptools wheel pip
@@ -123,7 +161,7 @@ jobs:
         DOC_TAG=${DOC_TAG} SPHINXOPTS="-q -j auto" LATEXMKOPTS="-quiet -halt-on-error" make -C doc pdf
 
     - name: upload-build
-      uses: actions/upload-artifact@master
+      uses: actions/upload-artifact@v3
       with:
         name: pdf-output
         path: doc/_build/latex/zephyr.pdf

.github/workflows/doc-publish-pr.yml

@@ -0,0 +1,63 @@
+# Copyright (c) 2020 Linaro Limited.
+# Copyright (c) 2021 Nordic Semiconductor ASA
+# SPDX-License-Identifier: Apache-2.0
+
+name: Documentation Publish (Pull Request)
+
+on:
+  workflow_run:
+    workflows: ["Documentation Build"]
+    types:
+    - completed
+
+jobs:
+  doc-publish:
+    name: Publish Documentation
+    runs-on: ubuntu-20.04
+    if: |
+      github.event.workflow_run.event == 'pull_request' &&
+      github.event.workflow_run.conclusion == 'success' &&
+      github.repository == 'zephyrproject-rtos/zephyr'
+
+    steps:
+    - name: Download artifacts
+      uses: dawidd6/action-download-artifact@v2
+      with:
+        workflow: doc-build.yml
+        run_id: ${{ github.event.workflow_run.id }}
+
+    - name: Load PR number
+      run: |
+        echo "PR_NUM=$(<pr_num/pr_num)" >> $GITHUB_ENV
+
+    - name: Check PR number
+      id: check-pr
+      uses: carpentries/actions/check-valid-pr@v0.8
+      with:
+        pr: ${{ env.PR_NUM }}
+        sha: ${{ github.event.workflow_run.head_sha }}
+
+    - name: Validate PR number
+      if: steps.check-pr.outputs.VALID != 'true'
+      run: |
+        echo "ABORT: PR number validation failed!"
+        exit 1
+
+    - name: Uncompress HTML docs
+      run: |
+        tar xf html-output/html-output.tar.xz -C html-output
+
+    - name: Configure AWS Credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_PR_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_PR_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Upload to AWS S3
+      env:
+        HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
+      run: |
+        aws s3 sync --quiet html-output/html \
+          s3://builds.zephyrproject.org/${{ github.event.repository.name }}/pr/${PR_NUM}/docs \
+          --delete

.github/workflows/doc-publish.yml

@@ -2,23 +2,21 @@
 # Copyright (c) 2021 Nordic Semiconductor ASA
 # SPDX-License-Identifier: Apache-2.0
 
-name: Publish Documentation
+name: Documentation Publish
 
 on:
   workflow_run:
     workflows: ["Documentation Build"]
     branches:
-      - main
-      - v*
-    tags:
-      - v*
+    - main
+    - v*
     types:
-      - completed
+    - completed
 
 jobs:
   doc-publish:
     name: Publish Documentation
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     if: ${{ github.event.workflow_run.conclusion == 'success' }}
 
     steps:
@@ -34,8 +32,8 @@ jobs:
     - name: Configure AWS Credentials
       uses: aws-actions/configure-aws-credentials@v1
       with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-access-key-id: ${{ vars.AWS_DOCS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_DOCS_SECRET_ACCESS_KEY }}
         aws-region: us-east-1
 
     - name: Upload to AWS S3

.github/workflows/errno.yml

@@ -6,13 +6,13 @@ on:
 
 jobs:
   check-errno:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     container:
       image: zephyrprojectrtos/ci:v0.18.4
 
     steps:
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Run errno.py
         run: |

.github/workflows/footprint-tracking.yml

@@ -13,19 +13,14 @@ on:
       # same commit
       - 'v*'
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
 jobs:
-  footprint-tracking-cancel:
-    runs-on: ubuntu-latest
-    if: github.repository == 'zephyrproject-rtos/zephyr'
-    steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
   footprint-tracking:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     if: github.repository == 'zephyrproject-rtos/zephyr'
-    needs: footprint-tracking-cancel
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
@@ -44,7 +39,7 @@ jobs:
           sudo pip3 install -U setuptools wheel pip gitpython
 
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
@@ -58,8 +53,8 @@ jobs:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v1
         with:
-          aws-access-key-id: ${{ secrets.FOOTPRINT_AWS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.FOOTPRINT_AWS_ACCESS_KEY }}
+          aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }}
           aws-region: us-east-1
 
       - name: Record Footprint

.github/workflows/footprint.yml

@@ -2,19 +2,14 @@ name: Footprint Delta
 
 on: pull_request
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
 jobs:
-  footprint-cancel:
-    runs-on: ubuntu-latest
-    if: github.repository == 'zephyrproject-rtos/zephyr'
-    steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
   footprint-delta:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     if: github.repository == 'zephyrproject-rtos/zephyr'
-    needs: footprint-cancel
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
@@ -25,16 +20,12 @@ jobs:
       CLANG_ROOT_DIR: /usr/lib/llvm-12
       ZEPHYR_TOOLCHAIN_VARIANT: zephyr
     steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
       - name: Update PATH for west
         run: |
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0

.github/workflows/issue_count.yml

@@ -14,13 +14,13 @@ env:
 jobs:
   track-issues:
     name: "Collect Issue Stats"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     if: github.repository == 'zephyrproject-rtos/zephyr'
 
     steps:
     - name: Download configuration file
       run: |
-        wget -q https://raw.githubusercontent.com/$GITHUB_REPOSITORY/master/.github/workflows/issues-report-config.json
+        wget -q https://raw.githubusercontent.com/$GITHUB_REPOSITORY/main/.github/workflows/issues-report-config.json
 
     - name: install-packages
       run: |
@@ -34,7 +34,7 @@ jobs:
         token: ${{ secrets.GITHUB_TOKEN }}
 
     - name: upload-stats
-      uses: actions/upload-artifact@master
+      uses: actions/upload-artifact@v3
       continue-on-error: True
       with:
         name: ${{ env.OUTPUT_FILE_NAME }}
@@ -43,8 +43,8 @@ jobs:
     - name: Configure AWS Credentials
       uses: aws-actions/configure-aws-credentials@v1
       with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_TESTING }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_TESTING }}
+        aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }}
         aws-region: us-east-1
 
     - name: Post Results

.github/workflows/labeler.yml

@@ -7,6 +7,4 @@ jobs:
     name: Pull Request Labeler
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/labeler@v2.1.1
-        with:
-          repo-token: '${{ secrets.GITHUB_TOKEN }}'
+      - uses: actions/labeler@v4

.github/workflows/license_check.yml

@@ -4,7 +4,7 @@ on: [pull_request]
 
 jobs:
   scancode_job:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     name: Scan code for licenses
     steps:
     - name: Checkout the code
@@ -15,7 +15,7 @@ jobs:
       with:
         directory-to-scan: 'scan/'
     - name: Artifact Upload
-      uses: actions/upload-artifact@v1
+      uses: actions/upload-artifact@v3
       with:
         name: scancode
         path: ./artifacts

.github/workflows/manifest.yml

@@ -6,15 +6,16 @@ on:
 
 jobs:
   contribs:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: Manifest
     steps:
       - name: Checkout the code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           path: zephyrproject/zephyr
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Manifest
         uses: zephyrproject-rtos/action-manifest@2f1ad2908599d4fe747f886f9d733dd7eebae4ef

.github/workflows/release.yml

@@ -7,15 +7,16 @@ on:
 
 jobs:
   release:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
       - name: Get the version
         id: get_version
-        run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/}
+        run: |
+          echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
 
       - name: REUSE Compliance Check
         uses: fsfe/reuse-action@v1
@@ -23,7 +24,7 @@ jobs:
           args: spdx -o zephyr-${{ steps.get_version.outputs.VERSION }}.spdx
 
       - name: upload-results
-        uses: actions/upload-artifact@master
+        uses: actions/upload-artifact@v3
         continue-on-error: True
         with:
           name: zephyr-${{ steps.get_version.outputs.VERSION }}.spdx

.github/workflows/stale_issue.yml

@@ -6,7 +6,7 @@ on:
 jobs:
   stale:
     name: Find Stale issues and PRs
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     if: github.repository == 'zephyrproject-rtos/zephyr'
     steps:
     - uses: actions/stale@v3

.github/workflows/twister.yaml

@@ -2,29 +2,27 @@ name: Run tests with twister
 
 on:
   push:
+    branches:
+    - v2.7-branch
   pull_request_target:
+    branches:
+    - v2.7-branch
   schedule:
     # Run at 00:00 on Saturday
     - cron: '20 0 * * 6'
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
 jobs:
-  twister-build-cleanup:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.6.0
-        with:
-          access_token: ${{ github.token }}
-
   twister-build-prep:
-
-    runs-on: zephyr_runner
-    needs: twister-build-cleanup
+    runs-on: zephyr-runner-linux-x64-4xlarge
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
       volumes:
-        - /home/runners/zephyrproject:/github/cache/zephyrproject
+        - /repo-cache/zephyrproject:/github/cache/zephyrproject
     outputs:
       subset: ${{ steps.output-services.outputs.subset }}
       size: ${{ steps.output-services.outputs.size }}
@@ -38,17 +36,20 @@ jobs:
       COMMIT_RANGE: ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}
       BASE_REF: ${{ github.base_ref }}
     steps:
-      - name: Cleanup
+      - name: Clone cached Zephyr repository
+        if: github.event_name == 'pull_request_target'
+        continue-on-error: true
         run: |
-          # hotfix, until we have a better way to deal with existing data
-          rm -rf zephyr zephyr-testing
+          git clone --shared /github/cache/zephyrproject/zephyr .
+          git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}
 
       - name: Checkout
         if: github.event_name == 'pull_request_target'
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Environment Setup
         if: github.event_name == 'pull_request_target'
@@ -101,18 +102,18 @@ jobs:
           else
             size=0
           fi
-          echo "::set-output name=subset::${subset}";
-          echo "::set-output name=size::${size}";
+          echo "subset=${subset}" >> $GITHUB_OUTPUT
+          echo "size=${size}" >> $GITHUB_OUTPUT
 
   twister-build:
-    runs-on: zephyr_runner
+    runs-on: zephyr-runner-linux-x64-4xlarge
     needs: twister-build-prep
     if: needs.twister-build-prep.outputs.size != 0
     container:
       image: zephyrprojectrtos/ci:v0.18.4
       options: '--entrypoint /bin/bash'
       volumes:
-        - /home/runners/zephyrproject:/github/cache/zephyrproject
+        - /repo-cache/zephyrproject:/github/cache/zephyrproject
     strategy:
       fail-fast: false
       matrix:
@@ -127,16 +128,18 @@ jobs:
       COMMIT_RANGE: ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}
       BASE_REF: ${{ github.base_ref }}
     steps:
-      - name: Cleanup
+      - name: Clone cached Zephyr repository
+        continue-on-error: true
         run: |
-          # hotfix, until we have a better way to deal with existing data
-          rm -rf zephyr zephyr-testing
+          git clone --shared /github/cache/zephyrproject/zephyr .
+          git remote set-url origin ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}
 
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Environment Setup
         run: |
@@ -171,7 +174,7 @@ jobs:
           string(TIMESTAMP current_date "%Y-%m-%d-%H;%M;%S" UTC)
           string(REPLACE "/" "_" repo ${{github.repository}})
           string(REPLACE "-" "_" repo2 ${repo})
-          message("::set-output name=repo::${repo2}")
+          file(APPEND $ENV{GITHUB_OUTPUT} "repo=${repo2}\n")
 
       - name: use cache
         id: cache-ccache
@@ -180,8 +183,8 @@ jobs:
           key: ${{ steps.ccache_cache_timestamp.outputs.repo }}-${{ github.ref_name }}-${{github.event_name}}-${{ matrix.subset }}-ccache
           path: /github/home/.ccache
           aws-s3-bucket: ccache.zephyrproject.org
-          aws-access-key-id: ${{ secrets.CCACHE_S3_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.CCACHE_S3_SECRET_ACCESS_KEY }}
+          aws-access-key-id: ${{ vars.AWS_CCACHE_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_CCACHE_SECRET_ACCESS_KEY }}
           aws-region: us-east-2
 
       - name: ccache stats initial
@@ -218,7 +221,7 @@ jobs:
 
       - name: Upload Unit Test Results
         if: always()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: Unit Test Results (Subset ${{ matrix.subset }})
           if-no-files-found: ignore
@@ -229,7 +232,7 @@ jobs:
   twister-test-results:
     name: "Publish Unit Tests Results"
     needs: twister-build
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
       # the build-and-test job might be skipped, we don't need to run this job then
     if: success() || failure()
 

.github/workflows/twister_tests.yml

@@ -5,12 +5,16 @@ name: Twister TestSuite
 
 on:
   push:
+    branches:
+    - v2.7-branch
     paths:
     - 'scripts/pylib/twister/**'
     - 'scripts/twister'
     - 'scripts/tests/twister/**'
     - '.github/workflows/twister_tests.yml'
   pull_request:
+    branches:
+    - v2.7-branch
     paths:
     - 'scripts/pylib/twister/**'
     - 'scripts/twister'
@@ -24,17 +28,17 @@ jobs:
     strategy:
       matrix:
         python-version: [3.6, 3.7, 3.8]
-        os: [ubuntu-latest]
+        os: [ubuntu-20.04]
     steps:
     - name: checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
     - name: cache-pip-linux
       if: startsWith(runner.os, 'Linux')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: ${{ runner.os }}-pip-${{ matrix.python-version }}

.github/workflows/west_cmds.yml

@@ -5,11 +5,15 @@ name: Zephyr West Command Tests
 
 on:
   push:
+    branches:
+    - v2.7-branch
     paths:
     - 'scripts/west-commands.yml'
     - 'scripts/west_commands/**'
     - '.github/workflows/west_cmds.yml'
   pull_request:
+    branches:
+    - v2.7-branch
     paths:
     - 'scripts/west-commands.yml'
     - 'scripts/west_commands/**'
@@ -22,20 +26,22 @@ jobs:
     strategy:
       matrix:
         python-version: [3.6, 3.7, 3.8]
-        os: [ubuntu-latest, macos-latest, windows-latest]
+        os: [ubuntu-20.04, macos-11, windows-2022]
         exclude:
-          - os: macos-latest
+          - os: macos-11
+            python-version: 3.6
+          - os: windows-2022
             python-version: 3.6
     steps:
     - name: checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
     - name: cache-pip-linux
       if: startsWith(runner.os, 'Linux')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/.cache/pip
         key: ${{ runner.os }}-pip-${{ matrix.python-version }}
@@ -43,7 +49,7 @@ jobs:
           ${{ runner.os }}-pip-${{ matrix.python-version }}
     - name: cache-pip-mac
       if: startsWith(runner.os, 'macOS')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~/Library/Caches/pip
         # Trailing '-' was just to get a different cache name
@@ -52,7 +58,7 @@ jobs:
           ${{ runner.os }}-pip-${{ matrix.python-version }}-
     - name: cache-pip-win
       if: startsWith(runner.os, 'Windows')
-      uses: actions/cache@v1
+      uses: actions/cache@v3
       with:
         path: ~\AppData\Local\pip\Cache
         key: ${{ runner.os }}-pip-${{ matrix.python-version }}

CMakeLists.txt

@@ -162,6 +162,13 @@ zephyr_compile_options(${OPTIMIZATION_FLAG})
 # @Intent: Obtain compiler specific flags related to C++ that are not influenced by kconfig
 zephyr_compile_options($<$<COMPILE_LANGUAGE:CXX>:$<TARGET_PROPERTY:compiler-cpp,required>>)
 
+# Extra warnings options for twister run
+if (CONFIG_COMPILER_WARNINGS_AS_ERRORS)
+  zephyr_compile_options($<$<COMPILE_LANGUAGE:C>:$<TARGET_PROPERTY:compiler,warnings_as_errors>>)
+  zephyr_compile_options($<$<COMPILE_LANGUAGE:ASM>:$<TARGET_PROPERTY:asm,warnings_as_errors>>)
+  zephyr_link_libraries($<TARGET_PROPERTY:linker,warnings_as_errors>)
+endif()
+
 # @Intent: Obtain compiler specific flags for compiling under different ISO standards of C++
 if(CONFIG_CPLUSPLUS)
   # From kconfig choice, pick a single dialect.
@@ -627,7 +634,7 @@ if(CONFIG_64BIT)
 endif()
 
 if(CONFIG_TIMEOUT_64BIT)
-  set(SYSCALL_SPLIT_TIMEOUT_ARG --split-type k_timeout_t)
+  set(SYSCALL_SPLIT_TIMEOUT_ARG --split-type k_timeout_t --split-type k_ticks_t)
 endif()
 
 add_custom_command(OUTPUT include/generated/syscall_dispatch.c ${syscall_list_h}
@@ -1385,6 +1392,17 @@ if(CONFIG_OUTPUT_PRINT_MEMORY_USAGE)
   endif()
 endif()
 
+if(NOT CONFIG_EXCEPTIONS)
+  set(eh_frame_section ".eh_frame")
+else()
+  set(eh_frame_section "")
+endif()
+set(remove_sections_argument_list "")
+foreach(section .comment COMMON ${eh_frame_section})
+  list(APPEND remove_sections_argument_list
+    $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>${section})
+endforeach()
+
 if(CONFIG_BUILD_OUTPUT_HEX OR BOARD_FLASH_RUNNER STREQUAL openocd)
   get_property(elfconvert_formats TARGET bintools PROPERTY elfconvert_formats)
   if(ihex IN_LIST elfconvert_formats)
@@ -1394,9 +1412,7 @@ if(CONFIG_BUILD_OUTPUT_HEX OR BOARD_FLASH_RUNNER STREQUAL openocd)
               $<TARGET_PROPERTY:bintools,elfconvert_flag>
               ${GAP_FILL}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_outtarget>ihex
-              $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>.comment
-              $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>COMMON
-              $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>.eh_frame
+              ${remove_sections_argument_list}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_infile>${KERNEL_ELF_NAME}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_outfile>${KERNEL_HEX_NAME}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_final>
@@ -1418,9 +1434,7 @@ if(CONFIG_BUILD_OUTPUT_BIN)
               $<TARGET_PROPERTY:bintools,elfconvert_flag>
               ${GAP_FILL}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_outtarget>binary
-              $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>.comment
-              $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>COMMON
-              $<TARGET_PROPERTY:bintools,elfconvert_flag_section_remove>.eh_frame
+              ${remove_sections_argument_list}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_infile>${KERNEL_ELF_NAME}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_outfile>${KERNEL_BIN_NAME}
               $<TARGET_PROPERTY:bintools,elfconvert_flag_final>

Kconfig.zephyr

@@ -305,9 +305,13 @@ config NO_OPTIMIZATIONS
 	help
 	  Compiler optimizations will be set to -O0 independently of other
 	  options.
-
 endchoice
 
+config COMPILER_WARNINGS_AS_ERRORS
+	bool "Treat warnings as errors"
+	help
+	  Turn on "warning as error" toolchain flags
+
 config COMPILER_COLOR_DIAGNOSTICS
 	bool "Enable colored diganostics"
 	default y

VERSION

@@ -1,5 +1,5 @@
 VERSION_MAJOR = 2
 VERSION_MINOR = 7
-PATCHLEVEL = 1
+PATCHLEVEL = 6
 VERSION_TWEAK = 0
 EXTRAVERSION =

arch/arc/core/arc_smp.c

@@ -56,7 +56,7 @@ void arch_start_cpu(int cpu_num, k_thread_stack_t *stack, int sz,
 	 * arc_cpu_wake_flag will protect arc_cpu_sp that
 	 * only one slave cpu can read it per time
 	 */
-	arc_cpu_sp = Z_THREAD_STACK_BUFFER(stack) + sz;
+	arc_cpu_sp = Z_KERNEL_STACK_BUFFER(stack) + sz;
 
 	arc_cpu_wake_flag = cpu_num;
 

arch/arm/core/aarch32/cortex_m/fault.c

@@ -849,7 +849,7 @@ static inline z_arch_esf_t *get_esf(uint32_t msp, uint32_t psp, uint32_t exc_ret
 	bool *nested_exc)
 {
 	bool alternative_state_exc = false;
-	z_arch_esf_t *ptr_esf;
+	z_arch_esf_t *ptr_esf = NULL;
 
 	*nested_exc = false;
 

arch/arm/core/aarch32/cortex_m/timing.c

@@ -40,7 +40,7 @@ static inline uint64_t z_arm_dwt_freq_get(void)
 	/* SysTick and DWT both run at CPU frequency,
 	 * reflected in the system timer HW cycles/sec.
 	 */
-	return CONFIG_SYS_CLOCK_HW_CYCLES_PER_SEC;
+	return sys_clock_hw_cycles_per_sec();
 #else
 	static uint64_t dwt_frequency;
 	uint32_t cyc_start, cyc_end;

arch/arm/include/aarch32/cortex_m/stack.h

@@ -26,7 +26,7 @@
 extern "C" {
 #endif
 
-extern K_KERNEL_STACK_ARRAY_DEFINE(z_interrupt_stacks, CONFIG_MP_NUM_CPUS,
+K_KERNEL_STACK_ARRAY_EXTERN(z_interrupt_stacks, CONFIG_MP_NUM_CPUS,
 				   CONFIG_ISR_STACK_SIZE);
 
 /**

arch/arm64/core/isr_wrapper.S

@@ -101,9 +101,28 @@ spurious_continue:
 	 * x0: 1st thread in the ready queue
 	 * x1: _current thread
 	 */
+
+#ifdef CONFIG_SMP
+	/*
+	 * 2 possibilities here:
+	 *  - x0 != NULL (implies x0 != x1): we need to context switch and set
+	 *    the switch_handle in the context switch code
+	 *  - x0 == NULL: no context switch
+	 */
+	cmp	x0, #0x0
+	bne	switch
+
+	/*
+	 * No context switch. Restore x0 from x1 (they are the same thread).
+	 * See also comments to z_arch_get_next_switch_handle()
+	 */
+	mov	x0, x1
+	b	exit
+switch:
+#else
 	cmp	x0, x1
 	beq	exit
-
+#endif
 	/* Switch thread */
 	bl	z_arm64_context_switch
 

arch/arm64/core/reset.c

@@ -129,7 +129,11 @@ void z_arm64_el2_init(void)
 
 	zero_cntvoff_el2();		/* Set 64-bit virtual timer offset to 0 */
 	zero_cnthctl_el2();
+#ifdef CONFIG_CPU_AARCH64_CORTEX_R
+	zero_cnthps_ctl_el2();
+#else
 	zero_cnthp_ctl_el2();
+#endif
 	/*
 	 * Enable this if/when we use the hypervisor timer.
 	 * write_cnthp_cval_el2(~(uint64_t)0);

arch/arm64/core/thread.c

@@ -124,9 +124,28 @@ void arch_new_thread(struct k_thread *thread, k_thread_stack_t *stack,
 
 void *z_arch_get_next_switch_handle(struct k_thread **old_thread)
 {
+	/*
+	 * When returning from this function we will have the current thread
+	 * onto the stack to be popped in x1 and the next thread in x0 returned
+	 * from z_get_next_switch_handle() (see isr_wrapper.S)
+	 */
 	*old_thread =  _current;
 
+#ifdef CONFIG_SMP
+	/*
+	 * XXX: see thread in #41840 and #40795
+	 *
+	 * The scheduler API requires a complete switch handle here, but arm64
+	 * optimizes things such that the callee-save registers are still
+	 * unsaved here (they get written out in z_arm64_context_switch()
+	 * below).  So pass a NULL instead, which the scheduler will store into
+	 * the thread switch_handle field.  The resulting thread won't be
+	 * switched into until we write that ourselves.
+	 */
+	return z_get_next_switch_handle(NULL);
+#else
 	return z_get_next_switch_handle(*old_thread);
+#endif
 }
 
 #ifdef CONFIG_USERSPACE

arch/x86/core/CMakeLists.txt

@@ -6,6 +6,7 @@ zephyr_library()
 zephyr_library_sources(cpuhalt.c)
 zephyr_library_sources(prep_c.c)
 zephyr_library_sources(fatal.c)
+zephyr_library_sources(cpuid.c)
 zephyr_library_sources(spec_ctrl.c)
 
 zephyr_library_sources_ifdef(CONFIG_X86_MEMMAP memmap.c)

arch/x86/core/cpuid.c

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2022 Intel Corporation
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <cpuid.h> /* Header provided by the toolchain. */
+
+#include <kernel_structs.h>
+#include <arch/x86/cpuid.h>
+#include <kernel.h>
+
+uint32_t z_x86_cpuid_extended_features(void)
+{
+	uint32_t eax, ebx, ecx = 0U, edx;
+
+	if (__get_cpuid(CPUID_EXTENDED_FEATURES_LVL,
+			&eax, &ebx, &ecx, &edx) == 0) {
+		return 0;
+	}
+
+	return edx;
+}
+
+#define INITIAL_APIC_ID_SHIFT (24)
+#define INITIAL_APIC_ID_MASK (0xFF)
+
+uint8_t z_x86_cpuid_get_current_physical_apic_id(void)
+{
+	uint32_t eax, ebx, ecx, edx;
+
+	if (IS_ENABLED(CONFIG_X2APIC)) {
+		/* leaf 0x1F should be used first prior to using 0x0B */
+		if (__get_cpuid(CPUID_EXTENDED_TOPOLOGY_ENUMERATION_V2,
+				&eax, &ebx, &ecx, &edx) == 0) {
+			if (__get_cpuid(CPUID_EXTENDED_TOPOLOGY_ENUMERATION,
+					&eax, &ebx, &ecx, &edx) == 0) {
+				return 0;
+			}
+		}
+	} else {
+		if (__get_cpuid(CPUID_BASIC_INFO_1,
+				&eax, &ebx, &ecx, &edx) == 0) {
+			return 0;
+		}
+
+		edx = (ebx >> INITIAL_APIC_ID_SHIFT);
+	}
+
+	return (uint8_t)(edx & INITIAL_APIC_ID_MASK);
+}

arch/x86/core/ia32/thread.c

@@ -114,4 +114,18 @@ void arch_new_thread(struct k_thread *thread, k_thread_stack_t *stack,
 	thread->arch.excNestCount = 0;
 #endif /* CONFIG_LAZY_FPU_SHARING */
 	thread->arch.flags = 0;
+
+	/*
+	 * When "eager FPU sharing" mode is enabled, FPU registers must be
+	 * initialised at the time of thread creation because the floating-point
+	 * context is always active and no further FPU initialisation is performed
+	 * later.
+	 */
+#if defined(CONFIG_EAGER_FPU_SHARING)
+	thread->arch.preempFloatReg.floatRegsUnion.fpRegs.fcw = 0x037f;
+	thread->arch.preempFloatReg.floatRegsUnion.fpRegs.ftw = 0xffff;
+#if defined(CONFIG_X86_SSE)
+	thread->arch.preempFloatReg.floatRegsUnion.fpRegsEx.mxcsr = 0x1f80;
+#endif /* CONFIG_X86_SSE */
+#endif /* CONFIG_EAGER_FPU_SHARING */
 }

arch/x86/core/pcie.c

@@ -16,6 +16,8 @@
 #include <kernel_arch_func.h>
 #include <device.h>
 #include <drivers/pcie/msi.h>
+#include <drivers/interrupt_controller/sysapic.h>
+#include <arch/x86/cpuid.h>
 #endif
 
 /* PCI Express Extended Configuration Mechanism (MMIO) */
@@ -179,12 +181,15 @@ static bool get_vtd(void)
 
 /* these functions are explained in include/drivers/pcie/msi.h */
 
+#define MSI_MAP_DESTINATION_ID_SHIFT 12
+#define MSI_RH BIT(3)
+
 uint32_t pcie_msi_map(unsigned int irq,
 		      msi_vector_t *vector)
 {
 	uint32_t map;
-
 	ARG_UNUSED(irq);
+
 #if defined(CONFIG_INTEL_VTD_ICTL)
 #if !defined(CONFIG_PCIE_MSI_X)
 	if (vector != NULL) {
@@ -197,7 +202,15 @@ uint32_t pcie_msi_map(unsigned int irq,
 #endif
 #endif
 	{
-		map = 0xFEE00000U; /* standard delivery to BSP local APIC */
+		uint32_t dest_id;
+
+		dest_id = z_x86_cpuid_get_current_physical_apic_id() <<
+			MSI_MAP_DESTINATION_ID_SHIFT;
+
+		/* Directing to current physical CPU (may not be BSP)
+		 * Destination ID - RH 1 - DM 0
+		 */
+		map = 0xFEE00000U | dest_id | MSI_RH;
 	}
 
 	return map;

arch/x86/core/spec_ctrl.c

@@ -4,13 +4,12 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-#include <cpuid.h> /* Header provided by the toolchain. */
-
 #include <init.h>
 #include <kernel_structs.h>
 #include <kernel_arch_data.h>
 #include <kernel_arch_func.h>
 #include <arch/x86/msr.h>
+#include <arch/x86/cpuid.h>
 #include <kernel.h>
 
 /*
@@ -18,31 +17,13 @@
  * https://software.intel.com/security-software-guidance/api-app/sites/default/files/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
  */
 
-#define CPUID_EXTENDED_FEATURES_LVL 7
-
-/* Bits to check in CPUID extended features */
-#define CPUID_SPEC_CTRL_SSBD	BIT(31)
-#define CPUID_SPEC_CTRL_IBRS	BIT(26)
-
 #if defined(CONFIG_DISABLE_SSBD) || defined(CONFIG_ENABLE_EXTENDED_IBRS)
-static uint32_t cpuid_extended_features(void)
-{
-	uint32_t eax, ebx, ecx = 0U, edx;
-
-	if (__get_cpuid(CPUID_EXTENDED_FEATURES_LVL,
-			&eax, &ebx, &ecx, &edx) == 0) {
-		return 0;
-	}
-
-	return edx;
-}
-
 static int spec_ctrl_init(const struct device *dev)
 {
 	ARG_UNUSED(dev);
 
 	uint32_t enable_bits = 0U;
-	uint32_t cpuid7 = cpuid_extended_features();
+	uint32_t cpuid7 = z_x86_cpuid_extended_features();
 
 #ifdef CONFIG_DISABLE_SSBD
 	if ((cpuid7 & CPUID_SPEC_CTRL_SSBD) != 0U) {

boards/arc/nsim/board.cmake

@@ -12,6 +12,7 @@ endif()
 string(REPLACE "nsim" "mdb" MDB_ARGS "${BOARD}.args")
 if((CONFIG_SOC_NSIM_HS_SMP OR CONFIG_SOC_NSIM_HS6X_SMP))
   board_runner_args(mdb-nsim "--cores=${CONFIG_MP_NUM_CPUS}" "--nsim_args=${MDB_ARGS}")
+  board_runner_args(mdb-hw "--cores=${CONFIG_MP_NUM_CPUS}")
 else()
   board_runner_args(mdb-nsim "--nsim_args=${MDB_ARGS}")
 endif()

boards/arm/bl5340_dvk/Kconfig.defconfig

@@ -27,6 +27,7 @@ endif # BOARD_BL5340_DVK_CPUAPP
 
 config BUILD_WITH_TFM
 	default y if BOARD_BL5340_DVK_CPUAPP_NS
+	depends on ZEPHYR_TRUSTED_FIRMWARE_M_MODULE
 
 if BUILD_WITH_TFM
 

boards/arm/bl654_usb/Kconfig.defconfig

@@ -1,6 +1,6 @@
 # BL654 USB adapter board configuration
 
-# Copyright (c) 2021 Laird Connectivity
+# Copyright (c) 2021-2022 Laird Connectivity
 # SPDX-License-Identifier: Apache-2.0
 
 if BOARD_BL654_USB
@@ -13,16 +13,21 @@ config BOARD
 
 # Nordic nRF5 bootloader exists outside of the partitions specified in the
 # DTS file, so we manually override FLASH_LOAD_OFFSET to link the application
-# correctly, after Nordic MBR.
+# correctly, after Nordic MBR, and limit the maximum size to not protude into
+# the bootloader at the end of flash.
 
 # When building MCUBoot, MCUBoot itself will select USE_DT_CODE_PARTITION
 # which will make it link into the correct partition specified in DTS file,
-# so no override is necessary.
+# so no override or limit is necessary.
 
 config FLASH_LOAD_OFFSET
 	default 0x1000
 	depends on !USE_DT_CODE_PARTITION
 
+config FLASH_LOAD_SIZE
+	default 0xdf000
+	depends on !USE_DT_CODE_PARTITION
+
 if USB_DEVICE_STACK
 
 config USB_UART_CONSOLE

boards/arm/mps2_an521/Kconfig.defconfig

@@ -20,6 +20,7 @@ config BOARD
 # force building with TF-M as the Secure Execution Environment.
 config BUILD_WITH_TFM
 	default y if TRUSTED_EXECUTION_NONSECURE
+	depends on ZEPHYR_TRUSTED_FIRMWARE_M_MODULE
 
 
 if GPIO

boards/arm/mps2_an521/mps2_an521_ns.yaml

@@ -4,7 +4,10 @@ type: mcu
 arch: arm
 ram: 4096
 flash: 4096
-simulation: qemu
+  # TFM is not supported by default in the Zephyr LTS release.
+  # Excluding this board's simulator to avoid CI failures.
+  #
+  #simulation: qemu
 toolchain:
   - gnuarmemb
   - zephyr

boards/arm/nrf5340dk_nrf5340/Kconfig.defconfig

@@ -13,6 +13,7 @@ config BOARD
 
 config BUILD_WITH_TFM
 	default y if BOARD_NRF5340DK_NRF5340_CPUAPP_NS
+	depends on ZEPHYR_TRUSTED_FIRMWARE_M_MODULE
 
 if BUILD_WITH_TFM
 

boards/arm/nrf9160dk_nrf9160/Kconfig.defconfig

@@ -13,6 +13,7 @@ config BOARD
 
 config BUILD_WITH_TFM
 	default y if BOARD_NRF9160DK_NRF9160_NS
+	depends on ZEPHYR_TRUSTED_FIRMWARE_M_MODULE
 
 if BUILD_WITH_TFM
 

boards/arm/nucleo_h745zi_q/doc/index.rst

@@ -216,7 +216,7 @@ Run a serial host program to connect with your NUCLEO-H745ZI-Q board.
 
    $ minicom -b 115200 -D /dev/ttyACM0
 
-or use scrreen:
+or use screen:
 
 .. code-block:: console
 
@@ -235,15 +235,20 @@ You should see the following message on the console:
 
    $ Hello World! nucleo_h745zi_q_m7
 
-Blinky example can also be used:
+.. note::
+  Sometimes, flashing is not working. It is necessary to erase the flash
+  (with STM32CubeProgrammer for example) to make it work again.
+
+Similarly, you can build and flash samples on the M4 target. For this, please
+take care of the resource sharing (UART port used for console for instance).
+
+Here is an example for the :ref:`blinky-sample` application on M4 core.
 
 .. zephyr-app-commands::
    :zephyr-app: samples/basic/blinky
-   :board: nucleo_h745zi_q_m7
+   :board: nucleo_h745zi_q_m4
    :goals: build flash
 
-Same way M4 core can be flashed.
-
 .. note::
 
    Flashing both M4 and M7 and pushing RESTART button on the board leads
@@ -261,6 +266,10 @@ You can debug an application in the usual way.  Here is an example for the
    :maybe-skip-config:
    :goals: debug
 
+Debugging with west is currently not available on Cortex M4 side.
+In order to debug a Zephyr application on Cortex M4 side, you can use
+`STM32CubeIDE`_.
+
 .. _Nucleo H745ZI-Q website:
    https://www.st.com/en/evaluation-tools/nucleo-h745zi-q.html
 

boards/arm/nucleo_h745zi_q/nucleo_h745zi_q_m7_defconfig

@@ -6,6 +6,9 @@ CONFIG_SOC_STM32H745XX=y
 # Board config should be specified since there are 2 possible targets
 CONFIG_BOARD_NUCLEO_H745ZI_Q_M7=y
 
+# Enable the internal SMPS regulator
+CONFIG_POWER_SUPPLY_DIRECT_SMPS=y
+
 # Enable MPU
 CONFIG_ARM_MPU=y
 

boards/arm/nucleo_l552ze_q/doc/nucleol552ze_q.rst

@@ -255,19 +255,17 @@ flashed in the usual way (see :ref:`build_an_application` and
 Flashing
 ========
 
-Nucleo L552ZE Q board includes an ST-LINK/V3E embedded debug tool
-interface. This interface is not yet supported by the openocd version.
-Instead, support can be enabled on pyocd by adding "pack" support with
-the following pyocd command:
+Nucleo L552ZE Q board includes an ST-LINK/V2-1 embedded debug tool
+interface. Support can be enabled on pyocd by adding "pack" support with the
+following pyocd command:
 
 .. code-block:: console
 
    $ pyocd pack --update
    $ pyocd pack --install stm32l552ze
 
-Nucleo L552ZE Q board includes an ST-LINK/V2-1 embedded debug tool
-interface.  This interface is supported by the openocd version
-included in the Zephyr SDK since v0.9.2.
+Alternatively, this interface is supported by the openocd version
+included in the Zephyr SDK since v0.13.1.
 
 Flashing an application to Nucleo L552ZE Q
 ------------------------------------------

boards/arm/nucleo_l552ze_q/support/openocd.cfg

@@ -0,0 +1,19 @@
+source [find interface/stlink.cfg]
+
+transport select hla_swd
+
+source [find target/stm32l5x.cfg]
+
+# use hardware reset
+reset_config srst_only srst_nogate
+
+$_TARGETNAME configure -event gdb-attach {
+        echo "Debugger attaching: halting execution"
+        reset halt
+        gdb_breakpoint_override hard
+}
+
+$_TARGETNAME configure -event gdb-detach {
+        echo "Debugger detaching: resuming execution"
+        resume
+}

boards/arm/nucleo_wb55rg/board.cmake

@@ -1,5 +1,7 @@
 # SPDX-License-Identifier: Apache-2.0
 board_runner_args(pyocd "--target=stm32wb55rgvx")
+board_runner_args(stm32cubeprogrammer "--port=swd" "--reset=hw")
 
 include(${ZEPHYR_BASE}/boards/common/openocd.board.cmake)
 include(${ZEPHYR_BASE}/boards/common/pyocd.board.cmake)
+include(${ZEPHYR_BASE}/boards/common/stm32cubeprogrammer.board.cmake)

boards/arm/nucleo_wb55rg/doc/nucleo_wb55rg.rst

@@ -186,8 +186,9 @@ To operate bluetooth on Nucleo WB55RG, Cortex-M0 core should be flashed with
 a valid STM32WB Coprocessor binaries (either 'Full stack' or 'HCI Layer').
 These binaries are delivered in STM32WB Cube packages, under
 Projects/STM32WB_Copro_Wireless_Binaries/STM32WB5x/
-To date, interoperability and backward compatibility has been tested and is
-guaranteed up to version 1.5 of STM32Cube package releases.
+For compatibility information with the various versions of these binaries,
+please check `modules/hal/stm32/lib/stm32wb/hci/README <https://github.com/zephyrproject-rtos/hal_stm32/blob/main/lib/stm32wb/hci/README>`__
+in the hal_stm32 repo.
 
 Connections and IOs
 ===================

boards/arm/stm32h735g_disco/stm32h735g_disco_defconfig

@@ -3,6 +3,9 @@
 CONFIG_SOC_SERIES_STM32H7X=y
 CONFIG_SOC_STM32H735XX=y
 
+# Enable the internal SMPS regulator
+CONFIG_POWER_SUPPLY_DIRECT_SMPS=y
+
 # Enable MPU
 CONFIG_ARM_MPU=y
 

boards/arm/stm32h747i_disco/doc/index.rst

@@ -220,24 +220,6 @@ the USB port to prepare it for flashing. Then build and flash your application.
 
 Here is an example for the :ref:`hello_world` application.
 
-.. zephyr-app-commands::
-   :zephyr-app: samples/hello_world
-   :board: stm32h747i_disco_m7
-   :goals: build
-
-Use the following commands to flash either m7 or m4 target:
-
-.. code-block:: console
-
-   $ ./STM32_Programmer_CLI -c port=SWD mode=UR -w <path_to_m7_binary>  0x8000000
-   $ ./STM32_Programmer_CLI -c port=SWD mode=UR -w <path_to_m4_binary>  0x8100000
-
-Alternatively it is possible to flash with OpenOcd but with some restrictions:
-Sometimes, flashing is not working. It is necessary to erase the flash
-(with STM32CubeProgrammer for example) to make it work again.
-Debugging with OpenOCD is currently working for this board only with Cortex M7,
-not Cortex M4.
-
 .. zephyr-app-commands::
    :zephyr-app: samples/hello_world
    :board: stm32h747i_disco_m7
@@ -255,6 +237,20 @@ You should see the following message on the console:
 
    Hello World! stm32h747i_disco_m7
 
+.. note::
+  Sometimes, flashing is not working. It is necessary to erase the flash
+  (with STM32CubeProgrammer for example) to make it work again.
+
+Similarly, you can build and flash samples on the M4 target. For this, please
+take care of the resource sharing (UART port used for console for instance).
+
+Here is an example for the :ref:`blinky-sample` application on M4 core.
+
+.. zephyr-app-commands::
+   :zephyr-app: samples/basic/blinky
+   :board: stm32h747i_disco_m4
+   :goals: build flash
+
 Debugging
 =========
 
@@ -266,6 +262,9 @@ You can debug an application in the usual way.  Here is an example for the
    :board: stm32h747i_disco_m7
    :goals: debug
 
+Debugging with west is currently not available on Cortex M4 side.
+In order to debug a Zephyr application on Cortex M4 side, you can use
+`STM32CubeIDE`_.
 
 .. _STM32H747I-DISCO website:
    http://www.st.com/en/evaluation-tools/stm32h747i-disco.html
@@ -284,3 +283,6 @@ You can debug an application in the usual way.  Here is an example for the
 
 .. _DISCO_H747I modifications for Ethernet:
    https://os.mbed.com/teams/ST/wiki/DISCO_H747I-modifications-for-Ethernet
+
+.. _STM32CubeIDE:
+   https://www.st.com/en/development-tools/stm32cubeide.html

boards/arm/stm32h747i_disco/stm32h747i_disco_m7_defconfig

@@ -9,6 +9,9 @@ CONFIG_BOARD_STM32H747I_DISCO_M7=y
 # enable pinmux
 CONFIG_PINMUX=y
 
+# Enable the internal SMPS regulator
+CONFIG_POWER_SUPPLY_DIRECT_SMPS=y
+
 # enable GPIO
 CONFIG_GPIO=y
 

boards/arm/stm32l562e_dk/doc/index.rst

@@ -252,18 +252,16 @@ Flashing
 ========
 
 STM32L562E-DK Discovery board includes an ST-LINK/V3E embedded debug tool
-interface. This interface is not yet supported by the openocd version.
-Instead, support can be enabled on pyocd by adding "pack" support with
-the following pyocd command:
+interface. Support can be enabled on pyocd by adding "pack" support with the
+following pyocd command:
 
 .. code-block:: console
 
    $ pyocd pack --update
    $ pyocd pack --install stm32l562qe
 
-STM32L562E-DK Discovery board includes an ST-LINK/V2-1 embedded debug tool
-interface.  This interface is supported by the openocd version
-included in the Zephyr SDK since v0.9.2.
+Alternatively, this interface is supported by the openocd version
+included in the Zephyr SDK since v0.13.1.
 
 Flashing an application to STM32L562E-DK Discovery
 --------------------------------------------------

boards/arm/stm32l562e_dk/support/openocd.cfg

@@ -0,0 +1,19 @@
+source [find interface/stlink.cfg]
+
+transport select hla_swd
+
+source [find target/stm32l5x.cfg]
+
+# use hardware reset
+reset_config srst_only srst_nogate
+
+$_TARGETNAME configure -event gdb-attach {
+        echo "Debugger attaching: halting execution"
+        reset halt
+        gdb_breakpoint_override hard
+}
+
+$_TARGETNAME configure -event gdb-detach {
+        echo "Debugger detaching: resuming execution"
+        resume
+}

boards/arm64/fvp_baser_aemv8r/board.cmake

@@ -3,6 +3,7 @@
 
 set(EMU_PLATFORM armfvp)
 set(ARMFVP_BIN_NAME FVP_BaseR_AEMv8R)
+set(ARMFVP_MIN_VERSION 11.16.16)
 
 set(ARMFVP_FLAGS
   -C cluster0.has_aarch64=1

boards/arm64/fvp_baser_aemv8r/doc/index.rst

@@ -27,6 +27,8 @@ To Run the Fixed Virtual Platform simulation tool you must download "Armv8-R AEM
 FVP" from Arm developer [1]_ (This might require the user to register) and
 install it on your host PC.
 
+The current minimum required version of "Armv8-R AEM FVP" is 11.16.16.
+
 Hardware
 ********
 

boards/arm64/fvp_baser_aemv8r/fvp_baser_aemv8r_smp_defconfig

@@ -33,3 +33,5 @@ CONFIG_PM_CPU_OPS_PSCI=n
 CONFIG_SOC_FVP_AEMV8R_EL2_INIT=y
 
 CONFIG_MP_NUM_CPUS=4
+
+CONFIG_MAX_THREAD_BYTES=3

boards/riscv/esp32c3_devkitm/CMakeLists.txt

@@ -24,6 +24,7 @@ if(CONFIG_BOOTLOADER_ESP_IDF)
     -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
     -DCMAKE_ASM_COMPILER=${CMAKE_ASM_COMPILER}
     -DCMAKE_SYSTEM_NAME=${CMAKE_SYSTEM_NAME}
+    -DPYTHON=${PYTHON_EXECUTABLE}
     BUILD_COMMAND
     ${CMAKE_COMMAND} --build .
     INSTALL_COMMAND ""      # This particular build system has no install command
@@ -35,14 +36,14 @@ if(CONFIG_BOOTLOADER_ESP_IDF)
     BINARY_DIR ${espidf_build_dir}
     CONFIGURE_COMMAND ""
     BUILD_COMMAND
-    python ${ESP_IDF_PATH}/components/partition_table/gen_esp32part.py -q
+    ${PYTHON_EXECUTABLE} ${ESP_IDF_PATH}/components/partition_table/gen_esp32part.py -q
     --offset 0x1000 --flash-size 4MB ${ESP_IDF_PATH}/components/partition_table/partitions_singleapp.csv ${espidf_build_dir}/partitions_singleapp.bin
     INSTALL_COMMAND ""
     )
 
   if(CONFIG_BUILD_OUTPUT_BIN)
     set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
-      COMMAND python ${ESP_IDF_PATH}/components/esptool_py/esptool/esptool.py
+      COMMAND ${PYTHON_EXECUTABLE} ${ESP_IDF_PATH}/components/esptool_py/esptool/esptool.py
       ARGS --chip esp32c3 elf2image --flash_mode dio --flash_freq 40m
       -o ${CMAKE_BINARY_DIR}/zephyr/${CONFIG_KERNEL_BIN_NAME}.bin
       ${CMAKE_BINARY_DIR}/zephyr/${CONFIG_KERNEL_BIN_NAME}.elf)

boards/xtensa/esp32/CMakeLists.txt

@@ -23,6 +23,7 @@ if(CONFIG_BOOTLOADER_ESP_IDF)
     -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
     -DCMAKE_ASM_COMPILER=${CMAKE_ASM_COMPILER}
     -DCMAKE_SYSTEM_NAME=${CMAKE_SYSTEM_NAME}
+    -DPYTHON=${PYTHON_EXECUTABLE}
     BUILD_COMMAND
     ${CMAKE_COMMAND} --build .
     INSTALL_COMMAND ""      # This particular build system has no install command
@@ -34,14 +35,14 @@ if(CONFIG_BOOTLOADER_ESP_IDF)
     BINARY_DIR ${espidf_build_dir}
     CONFIGURE_COMMAND ""
     BUILD_COMMAND
-    python ${ESP_IDF_PATH}/components/partition_table/gen_esp32part.py -q
+    ${PYTHON_EXECUTABLE} ${ESP_IDF_PATH}/components/partition_table/gen_esp32part.py -q
     --offset 0x1000 --flash-size 4MB ${ESP_IDF_PATH}/components/partition_table/partitions_singleapp.csv ${espidf_build_dir}/partitions_singleapp.bin
     INSTALL_COMMAND ""
     )
 
   if(CONFIG_BUILD_OUTPUT_BIN)
     set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
-      COMMAND python ${ESP_IDF_PATH}/components/esptool_py/esptool/esptool.py
+      COMMAND ${PYTHON_EXECUTABLE} ${ESP_IDF_PATH}/components/esptool_py/esptool/esptool.py
       ARGS --chip esp32 elf2image --flash_mode dio --flash_freq 40m
       -o ${CMAKE_BINARY_DIR}/zephyr/${CONFIG_KERNEL_BIN_NAME}.bin
       ${CMAKE_BINARY_DIR}/zephyr/${CONFIG_KERNEL_BIN_NAME}.elf)

boards/xtensa/esp32s2_saola/CMakeLists.txt

@@ -23,6 +23,7 @@ if(CONFIG_BOOTLOADER_ESP_IDF)
     -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
     -DCMAKE_ASM_COMPILER=${CMAKE_ASM_COMPILER}
     -DCMAKE_SYSTEM_NAME=${CMAKE_SYSTEM_NAME}
+    -DPYTHON=${PYTHON_EXECUTABLE}
     BUILD_COMMAND
     ${CMAKE_COMMAND} --build .
     INSTALL_COMMAND ""      # This particular build system has no install command
@@ -34,14 +35,14 @@ if(CONFIG_BOOTLOADER_ESP_IDF)
     BINARY_DIR ${espidf_build_dir}
     CONFIGURE_COMMAND ""
     BUILD_COMMAND
-    python ${ESP_IDF_PATH}/components/partition_table/gen_esp32part.py -q
+    ${PYTHON_EXECUTABLE} ${ESP_IDF_PATH}/components/partition_table/gen_esp32part.py -q
     --offset 0x1000 --flash-size 4MB ${ESP_IDF_PATH}/components/partition_table/partitions_singleapp.csv ${espidf_build_dir}/partitions_singleapp.bin
     INSTALL_COMMAND ""
     )
 
   if(CONFIG_BUILD_OUTPUT_BIN)
     set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
-      COMMAND python ${ESP_IDF_PATH}/components/esptool_py/esptool/esptool.py
+      COMMAND ${PYTHON_EXECUTABLE} ${ESP_IDF_PATH}/components/esptool_py/esptool/esptool.py
       ARGS --chip esp32s2 elf2image --flash_mode dio --flash_freq 40m
       -o ${CMAKE_BINARY_DIR}/zephyr/${CONFIG_KERNEL_BIN_NAME}.bin
       ${CMAKE_BINARY_DIR}/zephyr/${CONFIG_KERNEL_BIN_NAME}.elf)

cmake/compiler/arcmwdt/compiler_flags.cmake

@@ -132,6 +132,10 @@ set_property(TARGET compiler-cpp PROPERTY dialect_cpp2a "")
 set_property(TARGET compiler-cpp PROPERTY dialect_cpp20 "")
 set_property(TARGET compiler-cpp PROPERTY dialect_cpp2b "")
 
+# Flags for set extra warnigs (ARCMWDT asm can't recognize --fatal-warnings. Skip it)
+set_property(TARGET compiler PROPERTY warnings_as_errors -Werror)
+set_property(TARGET asm PROPERTY warnings_as_errors -Werror)
+
 # Disable exeptions flag in C++
 set_property(TARGET compiler-cpp PROPERTY no_exceptions "-fno-exceptions")
 

cmake/compiler/compiler_flags_template.cmake

@@ -65,6 +65,10 @@ set_property(TARGET compiler-cpp PROPERTY dialect_cpp2a)
 set_property(TARGET compiler-cpp PROPERTY dialect_cpp20)
 set_property(TARGET compiler-cpp PROPERTY dialect_cpp2b)
 
+# Extra warnings options for twister run
+set_property(TARGET compiler PROPERTY warnings_as_errors)
+set_property(TARGET asm PROPERTY warnings_as_errors)
+
 # Flag for disabling exeptions in C++
 set_property(TARGET compiler-cpp PROPERTY no_exceptions)
 

cmake/compiler/gcc/compiler_flags.cmake

@@ -137,6 +137,10 @@ set_property(TARGET compiler-cpp PROPERTY dialect_cpp20 "-std=c++20"
 set_property(TARGET compiler-cpp PROPERTY dialect_cpp2b "-std=c++2b"
   "-Wno-register" "-Wno-volatile")
 
+# Flags for set extra warnigs (ARCMWDT asm can't recognize --fatal-warnings. Skip it)
+set_property(TARGET compiler PROPERTY warnings_as_errors -Werror)
+set_property(TARGET asm PROPERTY warnings_as_errors -Werror)
+
 # Disable exeptions flag in C++
 set_property(TARGET compiler-cpp PROPERTY no_exceptions "-fno-exceptions")
 

cmake/dts.cmake

@@ -53,7 +53,7 @@ list(REMOVE_DUPLICATES
 # Drop support for NOT CONFIG_HAS_DTS perhaps?
 if(EXISTS ${DTS_SOURCE})
   set(SUPPORTS_DTS 1)
-  if(BOARD_REVISION AND EXISTS ${BOARD_DIR}/${BOARD}_${BOARD_REVISION_STRING}.overlay)
+  if(DEFINED BOARD_REVISION AND EXISTS ${BOARD_DIR}/${BOARD}_${BOARD_REVISION_STRING}.overlay)
     list(APPEND DTS_SOURCE ${BOARD_DIR}/${BOARD}_${BOARD_REVISION_STRING}.overlay)
   endif()
 else()

cmake/emu/armfvp.cmake

@@ -10,6 +10,20 @@ find_program(
   NAMES ${ARMFVP_BIN_NAME}
   )
 
+if ((NOT "${ARMFVP}" STREQUAL "ARMFVP-NOTFOUND") AND (DEFINED ARMFVP_MIN_VERSION))
+  execute_process(
+    COMMAND ${ARMFVP} --version
+    OUTPUT_VARIABLE out
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+  )
+  string(REPLACE "\n" "" out ${out})
+  string(REGEX MATCH "[0-9]+\.[0-9]+\.[0-9]+" armfvp_version ${out})
+  if(${armfvp_version} VERSION_LESS ${ARMFVP_MIN_VERSION})
+    message(WARNING "Found FVP version is \"${armfvp_version}\", "
+      "the minimum required by the current board is \"${ARMFVP_MIN_VERSION}\".")
+  endif()
+endif()
+
 if(CONFIG_ARMV8_A_NS)
   foreach(filetype BL1 FIP)
     if ((NOT DEFINED ARMFVP_${filetype}_FILE) AND (EXISTS "$ENV{ARMFVP_${filetype}_FILE}"))

cmake/extensions.cmake

@@ -518,7 +518,7 @@ function(zephyr_library_cc_option)
     string(MAKE_C_IDENTIFIER check${option} check)
     zephyr_check_compiler_flag(C ${option} ${check})
 
-    if(${check})
+    if(${${check}})
       zephyr_library_compile_options(${option})
     endif()
   endforeach()
@@ -1003,9 +1003,9 @@ endfunction()
 function(zephyr_check_compiler_flag lang option check)
   # Check if the option is covered by any hardcoded check before doing
   # an automated test.
-  zephyr_check_compiler_flag_hardcoded(${lang} "${option}" check exists)
+  zephyr_check_compiler_flag_hardcoded(${lang} "${option}" _${check} exists)
   if(exists)
-    set(check ${check} PARENT_SCOPE)
+    set(${check} ${_${check}} PARENT_SCOPE)
     return()
   endif()
 
@@ -1110,11 +1110,11 @@ function(zephyr_check_compiler_flag_hardcoded lang option check exists)
   # because they would produce a warning instead of an error during
   # the test.  Exclude them by toolchain-specific blocklist.
   if((${lang} STREQUAL CXX) AND ("${option}" IN_LIST CXX_EXCLUDED_OPTIONS))
-    set(check 0 PARENT_SCOPE)
-    set(exists 1 PARENT_SCOPE)
+    set(${check} 0 PARENT_SCOPE)
+    set(${exists} 1 PARENT_SCOPE)
   else()
     # There does not exist a hardcoded check for this option.
-    set(exists 0 PARENT_SCOPE)
+    set(${exists} 0 PARENT_SCOPE)
   endif()
 endfunction(zephyr_check_compiler_flag_hardcoded)
 
@@ -1862,7 +1862,7 @@ function(check_set_linker_property)
   zephyr_check_compiler_flag(C "" ${check})
   set(CMAKE_REQUIRED_FLAGS ${SAVED_CMAKE_REQUIRED_FLAGS})
 
-  if(${check})
+  if(${${check}})
     set_property(TARGET ${LINKER_PROPERTY_TARGET} ${APPEND} PROPERTY ${property} ${option})
   endif()
 endfunction()

cmake/host-tools.cmake

@@ -1,6 +1,8 @@
 # SPDX-License-Identifier: Apache-2.0
 
-include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/host-tools.cmake)
+if(ZEPHYR_SDK_HOST_TOOLS)
+  include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/host-tools.cmake)
+endif()
 
 # dtc is an optional dependency
 find_program(

cmake/kconfig.cmake

@@ -90,6 +90,8 @@ endforeach()
 # A list of common environment settings used when invoking Kconfig during CMake
 # configure time or menuconfig and related build target.
 string(REPLACE ";" "\\\;" SHIELD_AS_LIST_ESCAPED "${SHIELD_AS_LIST}")
+# cmake commands are escaped differently
+string(REPLACE ";" "\\;" SHIELD_AS_LIST_ESCAPED_COMMAND "${SHIELD_AS_LIST}")
 
 set(COMMON_KCONFIG_ENV_SETTINGS
   PYTHON_EXECUTABLE=${PYTHON_EXECUTABLE}
@@ -161,12 +163,23 @@ endforeach()
 unset(EXTRA_KCONFIG_OPTIONS)
 get_cmake_property(cache_variable_names CACHE_VARIABLES)
 foreach (name ${cache_variable_names})
-  if("${name}" MATCHES "^CONFIG_")
+  if("${name}" MATCHES "^CLI_CONFIG_")
+    # Variable was set by user in earlier invocation, let's append to extra
+    # config unless a new value has been given.
+    string(REGEX REPLACE "^CLI_" "" org_name ${name})
+    if(NOT DEFINED ${org_name})
+      set(EXTRA_KCONFIG_OPTIONS
+        "${EXTRA_KCONFIG_OPTIONS}\n${org_name}=${${name}}"
+      )
+    endif()
+  elseif("${name}" MATCHES "^CONFIG_")
     # When a cache variable starts with 'CONFIG_', it is assumed to be
     # a Kconfig symbol assignment from the CMake command line.
     set(EXTRA_KCONFIG_OPTIONS
       "${EXTRA_KCONFIG_OPTIONS}\n${name}=${${name}}"
       )
+    set(CLI_${name} "${${name}}")
+    list(APPEND cli_config_list ${name})
   endif()
 endforeach()
 
@@ -250,7 +263,7 @@ endif()
 execute_process(
   COMMAND ${CMAKE_COMMAND} -E env
   ${COMMON_KCONFIG_ENV_SETTINGS}
-  SHIELD_AS_LIST=${SHIELD_AS_LIST_ESCAPED}
+  SHIELD_AS_LIST=${SHIELD_AS_LIST_ESCAPED_COMMAND}
   ${PYTHON_EXECUTABLE}
   ${ZEPHYR_BASE}/scripts/kconfig/kconfig.py
   --zephyr-base=${ZEPHYR_BASE}
@@ -294,21 +307,20 @@ add_custom_target(config-twister DEPENDS ${DOTCONFIG})
 # Remove the CLI Kconfig symbols from the namespace and
 # CMakeCache.txt. If the symbols end up in DOTCONFIG they will be
 # re-introduced to the namespace through 'import_kconfig'.
-foreach (name ${cache_variable_names})
-  if("${name}" MATCHES "^CONFIG_")
-    unset(${name})
-    unset(${name} CACHE)
-  endif()
+foreach (name ${cli_config_list})
+  unset(${name})
+  unset(${name} CACHE)
 endforeach()
 
 # Parse the lines prefixed with CONFIG_ in the .config file from Kconfig
 import_kconfig(CONFIG_ ${DOTCONFIG})
 
-# Re-introduce the CLI Kconfig symbols that survived
-foreach (name ${cache_variable_names})
-  if("${name}" MATCHES "^CONFIG_")
-    if(DEFINED ${name})
-      set(${name} ${${name}} CACHE STRING "")
-    endif()
+# Cache the CLI Kconfig symbols that survived through Kconfig, prefixed with CLI_.
+# Remove those who might have changed compared to earlier runs, if they no longer appears.
+foreach (name ${cli_config_list})
+  if(DEFINED ${name})
+    set(CLI_${name} ${CLI_${name}} CACHE INTERNAL "")
+  else()
+    unset(CLI_${name} CACHE)
   endif()
 endforeach()

cmake/linker/arcmwdt/linker_flags.cmake

@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: Apache-2.0
+
+# Extra warnings options for twister run
+set_property(TARGET linker PROPERTY warnings_as_errors -Wl,--fatal-warnings)

cmake/linker/ld/clang/linker_flags.cmake

@@ -3,6 +3,9 @@ if (NOT CONFIG_COVERAGE_GCOV)
   set_property(TARGET linker PROPERTY coverage --coverage)
 endif()
 
+# Extra warnings options for twister run
+set_property(TARGET linker PROPERTY ld_extra_warning_options -Wl,--fatal-warnings)
+
 # ld/clang linker flags for sanitizing.
 check_set_linker_property(TARGET linker APPEND PROPERTY sanitize_address -fsanitize=address)
 

cmake/linker/ld/gcc/linker_flags.cmake

@@ -7,6 +7,9 @@ if (NOT CONFIG_COVERAGE_GCOV)
   set_property(TARGET linker PROPERTY coverage -lgcov)
 endif()
 
+# Extra warnings options for twister run
+set_property(TARGET linker PROPERTY warnings_as_errors -Wl,--fatal-warnings)
+
 # ld/gcc linker flags for sanitizing.
 check_set_linker_property(TARGET linker APPEND PROPERTY sanitize_address -lasan)
 check_set_linker_property(TARGET linker APPEND PROPERTY sanitize_address -fsanitize=address)

cmake/linker/linker_flags_template.cmake

@@ -14,3 +14,6 @@ check_set_linker_property(TARGET linker APPEND PROPERTY sanitize_undefined)
 # If memory reporting is a post build command, please use
 # cmake/bintools/bintools.cmake insted.
 check_set_linker_property(TARGET linker PROPERTY memusage)
+
+# Extra warnings options for twister run
+set_property(TARGET linker PROPERTY warnings_as_errors)

cmake/toolchain/zephyr/0.11/Kconfig

@@ -1,8 +0,0 @@
-# Zephyr 0.11 SDK Toolchain
-
-# Copyright (c) 2020 Linaro Limited.
-# SPDX-License-Identifier: Apache-2.0
-
-config TOOLCHAIN_ZEPHYR_0_11
-	def_bool y
-	select HAS_NEWLIB_LIBC_NANO if (ARC || ARM || RISCV)

cmake/toolchain/zephyr/0.11/generic.cmake

@@ -1,34 +0,0 @@
-# SPDX-License-Identifier: Apache-2.0
-
-set(TOOLCHAIN_HOME ${ZEPHYR_SDK_INSTALL_DIR})
-
-set(COMPILER gcc)
-set(LINKER ld)
-set(BINTOOLS gnu)
-
-# Find some toolchain that is distributed with this particular SDK
-
-file(GLOB toolchain_paths
-  LIST_DIRECTORIES true
-  ${TOOLCHAIN_HOME}/xtensa/*/*-zephyr-elf
-  ${TOOLCHAIN_HOME}/*-zephyr-elf
-  ${TOOLCHAIN_HOME}/*-zephyr-eabi
-  )
-
-if(toolchain_paths)
-  list(GET toolchain_paths 0 some_toolchain_path)
-
-  get_filename_component(one_toolchain_root "${some_toolchain_path}" DIRECTORY)
-  get_filename_component(one_toolchain "${some_toolchain_path}" NAME)
-
-  set(CROSS_COMPILE_TARGET ${one_toolchain})
-  set(SYSROOT_TARGET	   ${one_toolchain})
-endif()
-
-if(NOT CROSS_COMPILE_TARGET)
-  message(FATAL_ERROR "Unable to find 'x86_64-zephyr-elf' or any other architecture in ${TOOLCHAIN_HOME}")
-endif()
-
-set(CROSS_COMPILE ${one_toolchain_root}/${CROSS_COMPILE_TARGET}/bin/${CROSS_COMPILE_TARGET}-)
-set(SYSROOT_DIR   ${one_toolchain_root}/${SYSROOT_TARGET}/${SYSROOT_TARGET})
-set(TOOLCHAIN_HAS_NEWLIB ON CACHE BOOL "True if toolchain supports newlib")

cmake/toolchain/zephyr/0.11/host-tools.cmake

@@ -1,12 +0,0 @@
-# SPDX-License-Identifier: Apache-2.0
-
-set(HOST_TOOLS_HOME ${ZEPHYR_SDK_INSTALL_DIR}/sysroots/${TOOLCHAIN_ARCH}-pokysdk-linux)
-
-# Path used for searching by the find_*() functions, with appropriate
-# suffixes added. Ensures that the SDK's host tools will be found when
-# we call, e.g. find_program(QEMU qemu-system-x86)
-list(APPEND CMAKE_PREFIX_PATH ${HOST_TOOLS_HOME}/usr)
-
-# TODO: Use find_* somehow for these as well?
-set_ifndef(QEMU_BIOS            ${HOST_TOOLS_HOME}/usr/share/qemu)
-set_ifndef(OPENOCD_DEFAULT_PATH ${HOST_TOOLS_HOME}/usr/share/openocd/scripts)

cmake/toolchain/zephyr/0.11/target.cmake

@@ -1,53 +0,0 @@
-# SPDX-License-Identifier: Apache-2.0
-
-set(CROSS_COMPILE_TARGET_arm        arm-zephyr-eabi)
-set(CROSS_COMPILE_TARGET_arm64   aarch64-zephyr-elf)
-set(CROSS_COMPILE_TARGET_nios2     nios2-zephyr-elf)
-set(CROSS_COMPILE_TARGET_riscv   riscv64-zephyr-elf)
-set(CROSS_COMPILE_TARGET_mips     mipsel-zephyr-elf)
-set(CROSS_COMPILE_TARGET_xtensa   xtensa-zephyr-elf)
-set(CROSS_COMPILE_TARGET_arc         arc-zephyr-elf)
-set(CROSS_COMPILE_TARGET_x86      x86_64-zephyr-elf)
-set(CROSS_COMPILE_TARGET_sparc     sparc-zephyr-elf)
-
-set(CROSS_COMPILE_TARGET ${CROSS_COMPILE_TARGET_${ARCH}})
-set(SYSROOT_TARGET       ${CROSS_COMPILE_TARGET})
-
-if("${ARCH}" STREQUAL "xtensa")
-  # Xtensa GCC needs a different toolchain per SOC
-  if("${SOC_SERIES}" STREQUAL "cavs_v15")
-    set(SR_XT_TC_SOC intel_apl_adsp)
-  elseif("${SOC_SERIES}" STREQUAL "cavs_v18")
-    set(SR_XT_TC_SOC intel_s1000)
-  elseif("${SOC_SERIES}" STREQUAL "cavs_v20")
-    set(SR_XT_TC_SOC intel_s1000)
-  elseif("${SOC_SERIES}" STREQUAL "cavs_v25")
-    set(SR_XT_TC_SOC intel_s1000)
-  elseif("${SOC_SERIES}" STREQUAL "baytrail_adsp")
-    set(SR_XT_TC_SOC intel_byt_adsp)
-  elseif("${SOC_SERIES}" STREQUAL "broadwell_adsp")
-    set(SR_XT_TC_SOC intel_bdw_adsp)
-  elseif("${SOC_SERIES}" STREQUAL "imx8")
-    set(SR_XT_TC_SOC nxp_imx_adsp)
-  elseif("${SOC_SERIES}" STREQUAL "imx8m")
-    set(SR_XT_TC_SOC nxp_imx8m_adsp)
-  else()
-    message(FATAL_ERROR "Not compiler set for SOC_SERIES ${SOC_SERIES}")
- endif()
- set(SYSROOT_DIR ${TOOLCHAIN_HOME}/xtensa/${SR_XT_TC_SOC}/${SYSROOT_TARGET})
- set(CROSS_COMPILE ${TOOLCHAIN_HOME}/xtensa/${SR_XT_TC_SOC}/${CROSS_COMPILE_TARGET}/bin/${CROSS_COMPILE_TARGET}-)
-else()
-  # Non-Xtensa SDK toolchains follow a simpler convention
-  set(SYSROOT_DIR   ${TOOLCHAIN_HOME}/${SYSROOT_TARGET}/${SYSROOT_TARGET})
-  set(CROSS_COMPILE ${TOOLCHAIN_HOME}/${CROSS_COMPILE_TARGET}/bin/${CROSS_COMPILE_TARGET}-)
-endif()
-
-if("${ARCH}" STREQUAL "x86")
-  if(CONFIG_X86_64)
-    list(APPEND TOOLCHAIN_C_FLAGS -m64)
-    list(APPEND TOOLCHAIN_LD_FLAGS -m64)
-  else()
-    list(APPEND TOOLCHAIN_C_FLAGS -m32)
-    list(APPEND TOOLCHAIN_LD_FLAGS -m32)
-  endif()
-endif()

cmake/toolchain/zephyr/generic.cmake

@@ -1,13 +1,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
-if(${SDK_VERSION} VERSION_LESS_EQUAL 0.11.2)
-  # For backward compatibility with 0.11.1 and 0.11.2
-  # we need to source files from Zephyr repo
-  include(${CMAKE_CURRENT_LIST_DIR}/${SDK_MAJOR_MINOR}/generic.cmake)
+include(${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr/generic.cmake)
 
-  set(TOOLCHAIN_KCONFIG_DIR ${CMAKE_CURRENT_LIST_DIR}/${SDK_MAJOR_MINOR})
-else()
-  include(${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr/generic.cmake)
+set(TOOLCHAIN_KCONFIG_DIR ${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr)
 
-  set(TOOLCHAIN_KCONFIG_DIR ${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr)
-endif()
+message(STATUS "Found toolchain: zephyr ${SDK_VERSION} (${ZEPHYR_SDK_INSTALL_DIR})")

cmake/toolchain/zephyr/host-tools.cmake

@@ -1,55 +1,5 @@
 # SPDX-License-Identifier: Apache-2.0
 
-# This is the minimum required version for Zephyr to work (Old style)
-set(REQUIRED_SDK_VER 0.11.1)
-cmake_host_system_information(RESULT TOOLCHAIN_ARCH QUERY OS_PLATFORM)
+include(${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr/host-tools.cmake)
 
-if(NOT DEFINED ZEPHYR_SDK_INSTALL_DIR)
-  # Until https://github.com/zephyrproject-rtos/zephyr/issues/4912 is
-  # resolved we use ZEPHYR_SDK_INSTALL_DIR to determine whether the user
-  # wants to use the Zephyr SDK or not.
-  return()
-endif()
-
-# Cache the Zephyr SDK install dir.
-set(ZEPHYR_SDK_INSTALL_DIR ${ZEPHYR_SDK_INSTALL_DIR} CACHE PATH "Zephyr SDK install directory")
-
-if(NOT DEFINED SDK_VERSION)
-  if(ZEPHYR_TOOLCHAIN_VARIANT AND ZEPHYR_SDK_INSTALL_DIR)
-    # Manual detection for Zephyr SDK 0.11.1 and 0.11.2 for backward compatibility.
-    set(sdk_version_path ${ZEPHYR_SDK_INSTALL_DIR}/sdk_version)
-    if(NOT (EXISTS ${sdk_version_path}))
-      message(FATAL_ERROR
-              "The file '${ZEPHYR_SDK_INSTALL_DIR}/sdk_version' was not found. \
-               Is ZEPHYR_SDK_INSTALL_DIR=${ZEPHYR_SDK_INSTALL_DIR} misconfigured?")
-    endif()
-
-    # Read version as published by the SDK
-    file(READ ${sdk_version_path} SDK_VERSION_PRE1)
-    # Remove any pre-release data, for example 0.10.0-beta4 -> 0.10.0
-    string(REGEX REPLACE "-.*" "" SDK_VERSION_PRE2 ${SDK_VERSION_PRE1})
-    # Strip any trailing spaces/newlines from the version string
-    string(STRIP ${SDK_VERSION_PRE2} SDK_VERSION)
-    string(REGEX MATCH "([0-9]*).([0-9]*)" SDK_MAJOR_MINOR ${SDK_VERSION})
-
-    string(REGEX MATCH "([0-9]+)\.([0-9]+)\.([0-9]+)" SDK_MAJOR_MINOR_MICRO ${SDK_VERSION})
-
-    #at least 0.0.0
-    if(NOT SDK_MAJOR_MINOR_MICRO)
-      message(FATAL_ERROR "sdk version: ${SDK_MAJOR_MINOR_MICRO} improper format.
-      Expected format: x.y.z
-      Check whether the Zephyr SDK was installed correctly.
-    ")
-    endif()
-  endif()
-endif()
-
-message(STATUS "Using toolchain: zephyr ${SDK_VERSION} (${ZEPHYR_SDK_INSTALL_DIR})")
-
-if(${SDK_VERSION} VERSION_LESS_EQUAL 0.11.2)
-  # For backward compatibility with 0.11.1 and 0.11.2
-  # we need to source files from Zephyr repo
-  include(${CMAKE_CURRENT_LIST_DIR}/${SDK_MAJOR_MINOR}/host-tools.cmake)
-else()
-  include(${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr/host-tools.cmake)
-endif()
+message(STATUS "Found host-tools: zephyr ${SDK_VERSION} (${ZEPHYR_SDK_INSTALL_DIR})")

cmake/toolchain/zephyr/target.cmake

@@ -1,18 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0
 
-if(${SDK_VERSION} VERSION_LESS_EQUAL 0.11.2)
-  # For backward compatibility with 0.11.1 and 0.11.2
-  # we need to source files from Zephyr repo
-  include(${CMAKE_CURRENT_LIST_DIR}/${SDK_MAJOR_MINOR}/target.cmake)
-elseif(("${ARCH}" STREQUAL "sparc") AND (${SDK_VERSION} VERSION_LESS 0.12))
-  # SDK 0.11.3, 0.11.4 does not have SPARC target support.
-  include(${CMAKE_CURRENT_LIST_DIR}/${SDK_MAJOR_MINOR}/target.cmake)
-else()
-  include(${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr/target.cmake)
-
-  # Workaround, FIXME: Waiting for new SDK.
-  if("${ARCH}" STREQUAL "xtensa")
-    set(SYSROOT_DIR ${TOOLCHAIN_HOME}/xtensa/${SOC_TOOLCHAIN_NAME}/${SYSROOT_TARGET})
-    set(CROSS_COMPILE ${TOOLCHAIN_HOME}/xtensa/${SOC_TOOLCHAIN_NAME}/${CROSS_COMPILE_TARGET}/bin/${CROSS_COMPILE_TARGET}-)
-  endif()
-endif()
+include(${ZEPHYR_SDK_INSTALL_DIR}/cmake/zephyr/target.cmake)

cmake/verify-toolchain.cmake

@@ -90,10 +90,6 @@ if(NOT DEFINED ZEPHYR_TOOLCHAIN_VARIANT)
   if (NOT Zephyr-sdk_CONSIDERED_VERSIONS)
     set(error_msg "ZEPHYR_TOOLCHAIN_VARIANT not specified and no Zephyr SDK is installed.\n")
     string(APPEND error_msg "Please set ZEPHYR_TOOLCHAIN_VARIANT to the toolchain to use or install the Zephyr SDK.")
-
-    if(NOT ZEPHYR_TOOLCHAIN_VARIANT AND NOT ZEPHYR_SDK_INSTALL_DIR)
-      set(error_note "Note: If you are using Zephyr SDK 0.11.1 or 0.11.2, remember to set ZEPHYR_SDK_INSTALL_DIR and ZEPHYR_TOOLCHAIN_VARIANT")
-    endif()
   else()
     #  Note: When CMake mimimun version becomes >= 3.17, change this loop into:
     #    foreach(version config IN ZIP_LISTS Zephyr-sdk_CONSIDERED_VERSIONS Zephyr-sdk_CONSIDERED_CONFIGS)
@@ -116,11 +112,17 @@ if(NOT DEFINED ZEPHYR_TOOLCHAIN_VARIANT)
   message(FATAL_ERROR "${error_msg}
 The Zephyr SDK can be downloaded from:
 https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${TOOLCHAIN_ZEPHYR_MINIMUM_REQUIRED_VERSION}/zephyr-sdk-${TOOLCHAIN_ZEPHYR_MINIMUM_REQUIRED_VERSION}-setup.run
-${error_note}
 ")
 
 endif()
 
+if(DEFINED ZEPHYR_SDK_INSTALL_DIR)
+  # Cache the Zephyr SDK install dir.
+  set(ZEPHYR_SDK_INSTALL_DIR ${ZEPHYR_SDK_INSTALL_DIR} CACHE PATH "Zephyr SDK install directory")
+  # Use the Zephyr SDK host-tools.
+  set(ZEPHYR_SDK_HOST_TOOLS TRUE)
+endif()
+
 if(CMAKE_SCRIPT_MODE_FILE)
   if("${FORMAT}" STREQUAL "json")
     set(json "{\"ZEPHYR_TOOLCHAIN_VARIANT\" : \"${ZEPHYR_TOOLCHAIN_VARIANT}\", ")

doc/_extensions/zephyr/doxyrunner.py

@@ -31,6 +31,9 @@ Configuration options
 - ``doxyrunner_doxyfile``: Path to Doxyfile.
 - ``doxyrunner_outdir``: Doxygen build output directory (inserted to
   ``OUTPUT_DIRECTORY``)
+- ``doxyrunner_outdir_var``: Variable representing the Doxygen build output
+  directory, as used by ``OUTPUT_DIRECTORY``. This can be useful if other
+  Doxygen variables reference to the output directory.
 - ``doxyrunner_fmt``: Flag to indicate if Doxyfile should be formatted.
 - ``doxyrunner_fmt_vars``: Format variables dictionary (name: value).
 - ``doxyrunner_fmt_pattern``: Format pattern.
@@ -132,6 +135,7 @@ def process_doxyfile(
     fmt: bool = False,
     fmt_pattern: Optional[str] = None,
     fmt_vars: Optional[Dict[str, str]] = None,
+    outdir_var: Optional[str] = None,
 ) -> str:
     """Process Doxyfile.
 
@@ -146,6 +150,7 @@ def process_doxyfile(
         fmt: If Doxyfile should be formatted.
         fmt_pattern: Format pattern.
         fmt_vars: Format variables.
+        outdir_var: Variable representing output directory.
 
      Returns:
         Processed Doxyfile content.
@@ -179,6 +184,10 @@ def process_doxyfile(
         if not fmt_pattern or not fmt_vars:
             raise ValueError("Invalid formatting pattern or variables")
 
+        if outdir_var:
+            fmt_vars = fmt_vars.copy()
+            fmt_vars[outdir_var] = outdir.as_posix()
+
         for var, value in fmt_vars.items():
             content = content.replace(fmt_pattern.format(var), value)
 
@@ -349,6 +358,7 @@ def doxygen_build(app: Sphinx) -> None:
         app.config.doxyrunner_fmt,
         app.config.doxyrunner_fmt_pattern,
         app.config.doxyrunner_fmt_vars,
+        app.config.doxyrunner_outdir_var,
     )
 
     logger.info("Checking if Doxygen needs to be run...")
@@ -374,6 +384,7 @@ def setup(app: Sphinx) -> Dict[str, Any]:
     app.add_config_value("doxyrunner_doxygen", "doxygen", "env")
     app.add_config_value("doxyrunner_doxyfile", None, "env")
     app.add_config_value("doxyrunner_outdir", None, "env")
+    app.add_config_value("doxyrunner_outdir_var", None, "env")
     app.add_config_value("doxyrunner_fmt", False, "env")
     app.add_config_value("doxyrunner_fmt_vars", {}, "env")
     app.add_config_value("doxyrunner_fmt_pattern", "@{}@", "env")

doc/_static/css/custom.css

@@ -124,64 +124,27 @@ hr,
     border-color: var(--admonition-attention-title-background-color) !important;
     color: var(--admonition-attention-color) !important;
 }
-.rst-content dl:not(.docutils).class dt,
-.rst-content dl:not(.docutils).function dt,
-.rst-content dl:not(.docutils).method dt,
-.rst-content dl:not(.docutils).attribute dt {
-    width: 100% !important;
-}
-.rst-content dl:not(.docutils).class > dt,
-.rst-content dl:not(.docutils).function > dt,
-.rst-content dl:not(.docutils).method > dt,
-.rst-content dl:not(.docutils).attribute > dt {
-    font-size: 100% !important;
-    font-weight: normal !important;
-    margin-bottom: 16px !important;
-    padding: 6px 8px !important;
-}
-.rst-content dl:not(.docutils) tt.descclassname,
-.rst-content dl:not(.docutils) code.descclassname {
-    color: var(--highlight-type2-color) !important;
-    font-weight: normal !important;
-}
-.rst-content dl:not(.docutils) tt.descname,
-.rst-content dl:not(.docutils) code.descname {
-    color: var(--highlight-function-color) !important;
-    font-weight: normal !important;
-}
-.rst-content dl:not(.docutils) .sig-paren,
-.rst-content dl:not(.docutils) .optional {
-    color: var(--highlight-operator-color) !important;
-    font-weight: normal !important;
-    padding: 0 2px !important;
-}
-.rst-content dl:not(.docutils) .optional {
-    font-style: italic !important;
-}
-.rst-content dl:not(.docutils) .sig-param,
-.rst-content dl:not(.docutils).class dt > em,
-.rst-content dl:not(.docutils).function dt > em,
-.rst-content dl:not(.docutils).method dt > em {
-    color: var(--code-literal-color) !important;
+
+.rst-content dt.sig .k {
+    color: var(--highlight-keyword2-color) !important;
     font-style: normal !important;
-    padding: 0 4px !important;
 }
-.rst-content dl:not(.docutils) .sig-param,
-.rst-content dl:not(.docutils).class dt > code,
-.rst-content dl:not(.docutils).function dt > code,
-.rst-content dl:not(.docutils).method dt > code {
-    padding: 0 4px !important;
-}
-.rst-content dl:not(.docutils) .sig-param,
-.rst-content dl:not(.docutils).class dt > .optional ~ em,
-.rst-content dl:not(.docutils).function dt > .optional ~ em,
-.rst-content dl:not(.docutils).method dt > .optional ~ em {
-    color: var(--highlight-number-color) !important;
-    font-style: italic !important;
-}
-.rst-content dl:not(.docutils).class dt > em.property {
+
+.rst-content dt.sig .kt {
     color: var(--highlight-keyword-color) !important;
+    font-style: normal !important;
 }
+
+.rst-content dt.sig .sig-name .n {
+    color: var(--highlight-function-color) !important;
+}
+
+.rst-content dt.sig .k,
+.rst-content dt.sig .kt,
+.rst-content dt.sig .n {
+    font-weight: normal !important;
+}
+
 .rst-content dl:not(.docutils) dt a.headerlink {
     color: var(--link-color) !important;
 }
@@ -878,16 +841,8 @@ kbd, .kbd {
 
 /* Breathe tweaks */
 
-.rst-content dl.group>dt, .rst-content dl.group>dd>p {
-    display:none !important;
-}
-
-.rst-content dl.group {
-    margin: 0 0 1rem 0;
-}
-
-.rst-content dl.group>dd {
-    margin-left: 0 !important;
+.rst-content .section > dl > dd {
+    margin-left: 0;
 }
 
 .rst-content p.breathe-sectiondef-title {
@@ -895,24 +850,12 @@ kbd, .kbd {
     color: var(--link-color);
 }
 
-.rst-content div.breathe-sectiondef {
-    padding-left: 0 !important;
-}
-
 .rst-content dl:not(.docutils) dl:not(.rst-other-versions) dt {
     background: var(--admonition-note-background-color) !important;
     border-top: none !important;
     border-left: none !important;
 }
 
-.rst-content dl:not(.docutils).c.var .pre {
-  padding-right: 4px;
-}
-
-.rst-content dl:not(.docutils).c.struct .property {
-  padding-right: 4px !important;
-}
-
 /* Misc tweaks */
 
 .rst-columns {

doc/conf.py

@@ -180,6 +180,7 @@ doxyrunner_doxyfile = ZEPHYR_BASE / "doc" / "zephyr.doxyfile.in"
 doxyrunner_outdir = ZEPHYR_BUILD / "doxygen"
 doxyrunner_fmt = True
 doxyrunner_fmt_vars = {"ZEPHYR_BASE": str(ZEPHYR_BASE)}
+doxyrunner_outdir_var = "DOXY_OUT"
 
 # -- Options for Breathe plugin -------------------------------------------
 
@@ -203,6 +204,7 @@ cpp_id_attributes = [
     "__DEPRECATED_MACRO",
     "FUNC_NORETURN",
     "__subsystem",
+    "ALWAYS_INLINE",
 ]
 c_id_attributes = cpp_id_attributes
 
@@ -251,8 +253,8 @@ graphviz_dot_args = [
 # -- Linkcheck options ----------------------------------------------------
 
 extlinks = {
-    "jira": ("https://jira.zephyrproject.org/browse/%s", ""),
-    "github": ("https://github.com/zephyrproject-rtos/zephyr/issues/%s", ""),
+    "jira": ("https://jira.zephyrproject.org/browse/%s", "JIRA %s"),
+    "github": ("https://github.com/zephyrproject-rtos/zephyr/issues/%s", "GitHub #%s"),
 }
 
 linkcheck_timeout = 30

doc/guides/device_mgmt/mcumgr.rst

@@ -209,6 +209,20 @@ on Zephyr. The ones that are supported are described in the following table:
     :kconfig:`CONFIG_THREAD_STACK_INFO` and :kconfig:`CONFIG_INIT_STACKS` options
     must be set.
 
+.. _mcumgr_jlink_ob_virtual_msd:
+
+J-Link Virtual MSD Interaction Note
+***********************************
+
+On boards where a J-Link OB is present which has both CDC and MSC (virtual Mass
+Storage Device, also known as drag-and-drop) support, the MSD functionality can
+prevent mcumgr commands over the CDC UART port from working due to how USB
+endpoints are configured in the J-Link firmware (for example on the Nordic
+``nrf52840dk``) because of limiting the maximum packet size (most likely to occur
+when using image management commands for updating firmware). This issue can be
+resolved by disabling MSD functionality on the J-Link device, follow the
+instructions on :ref:`nordic_segger_msd` to disable MSD support.
+
 .. _image_mgmt:
 
 Image Management

doc/guides/docs/index.rst

@@ -261,7 +261,21 @@ or invoke make with the following target::
    # To generate HTML output without detailed Kconfig
    make html-fast
 
+Linking external Doxygen projects against Zephyr
+************************************************
+
+External projects that build upon Zephyr functionality and wish to refer to
+Zephyr documentation in Doxygen (through the use of @ref), can utilize the
+tag file exported at `zephyr.tag </doxygen/html/zephyr.tag>`_
+
+Once downloaded, the tag file can be used in a custom ``doxyfile.in`` as follows::
+
+   TAGFILES = "/path/to/zephyr.tag=https://docs.zephyrproject.org/latest/doxygen/html/"
+
+For additional information refer to `Doxygen External Documentation`_.
+
 
 .. _reStructuredText: http://sphinx-doc.org/rest.html
 .. _Sphinx: http://sphinx-doc.org/
 .. _Windows Python Path: https://docs.python.org/3/using/windows.html#finding-the-python-executable
+.. _Doxygen External Documentation: https://www.doxygen.nl/manual/external.html

doc/reference/kernel/smp/smp.rst

@@ -297,3 +297,8 @@ Note that while SMP requires :kconfig:`CONFIG_USE_SWITCH`, the reverse is not
 true.  A uniprocessor architecture built with :kconfig:`CONFIG_SMP` set to No might
 still decide to implement its context switching using
 :c:func:`arch_switch`.
+
+API Reference
+**************
+
+.. doxygengroup:: spinlock_apis

doc/reference/networking/can_api.rst

@@ -177,12 +177,12 @@ occurred. It does not block until the message is sent like the example above.
 
 .. code-block:: C
 
-  void tx_irq_callback(uint32_t error_flags, void *arg)
+  void tx_irq_callback(int error, void *arg)
   {
           char *sender = (char *)arg;
 
-          if (error_flags) {
-                  LOG_ERR("Sendig failed [%d]\nSender: %s\n", error_flags, sender);
+          if (error != 0) {
+                  LOG_ERR("Sendig failed [%d]\nSender: %s\n", error, sender);
           }
   }
 

doc/releases/release-notes-2.7.rst

@@ -2,24 +2,441 @@
 
 .. _zephyr_2.7:
 
-.. _zephyr_2.7.1:
+.. _zephyr_2.7.6:
 
-Zephyr 2.7.1
+Zephyr 2.7.6
 ####################
 
 This is an LTS maintenance release with fixes.
 
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 2.7.5 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`32145` - use ``k_thread_foreach_unlocked()`` with shell callbacks
+* :github:`56604` - drivers: nrf: rtc: make uptime consistent for app booted from v3.x mcuboot
+* :github:`25917` - bluetooth: fix deadlock with tx of acl data and hci commands
+* :github:`47649` - bluetooth: release att notification buffer after reconnection
+* :github:`43718` - bluetooth: bt_conn: ensure tx buffers can be allocated within timeout
+* :github:`60707` - canbus: isotp: seal context buffer memory leaks
+* :github:`60904` - drivers: spi_nor: make erase operation more opportunistic
+* :github:`61451` - drivers: can: stm32: correct timing_max parameters
+* :github:`61501` - canbus: isotp: convert SF length check from ``ASSERT`` to runtime check
+* :github:`61544` - drivers: ieee802154_nrf5: add payload length check on TX
+* :github:`61784` - bluetooth: controller: check minmum sizes of adv PDUs
+* :github:`62003` - drivers: dma: sam: implement xdmac ``get_status()`` API
+* :github:`62701` - can: rework the table lookup code in ``can_dlc_to_bytes()``
+* :github:`63544` - drivers: can: mcan: move RF0L and RF1L to line 1
+* :github:`63835` - net_mgmt: return ``EMSGSIZE`` if buffer passed to ``recvfrom()`` is too small
+* :github:`63965` - logging: fix handling of ``CONFIG_LOG_BLOCK_IN_THREAD_TIMEOUT_MS``
+* :github:`64398` - drivers: can: be consistent in ``filter_id`` checks when removing rx filters
+* :github:`65548` - cmake: modules: dts: fix board revision 0 overlay
+* :github:`66500` - toolchain: support ``CONFIG_COMPILER_WARNINGS_AS_ERRORS``
+* :github:`66888` - net: ipv6: drop received packets sent by the same interface
+* :github:`67692` - i2c: dw: fix integer overflow in ``i2c_dw_data_ask()``
+* :github:`69167` - fs: fuse: avoid possible buffer overflow
+* :github:`69637` - userspace: additional checks in ``K_SYSCALL_MEMORY``
+
 Security Vulnerability Related
 ******************************
 
 The following security vulnerabilities (CVEs) were addressed in this
 release:
 
-* (N/A)
+* CVE-2023-4263 `Zephyr project bug tracker GHSA-rf6q-rhhp-pqhf
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf>`_
+
+* CVE-2023-4424: `Zephyr project bug tracker GHSA-j4qm-xgpf-qjw3
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3>`_
+
+* CVE-2023-5779 `Zephyr project bug tracker GHSA-7cmj-963q-jj47
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47>`_
+
+* CVE-2023-6249 `Zephyr project bug tracker GHSA-32f5-3p9h-2rqc
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc>`_
+
+* CVE-2023-6881 `Zephyr project bug tracker GHSA-mh67-4h3q-p437
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mh67-4h3q-p437>`_
 
 More detailed information can be found in:
 https://docs.zephyrproject.org/latest/security/vulnerabilities.html
 
+.. _zephyr_2.7.5:
+
+Zephyr 2.7.5
+####################
+
+This is an LTS maintenance release with fixes.
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 2.7.4 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`41111` - utils: tmcvt: fix integer overflow after 6.4 days with ``gettimeofday()`` and ``z_tmcvt()``
+* :github:`51663` - tests: kernel: increase coverage for kernel and mmu tests
+* :github:`53124` - bmake: fix argument passing in ``zephyr_check_compiler_flag()`` cmake function
+* :github:`53315` - net: tcp: fix possible underflow in ``tcp_flags()``.
+* :github:`53981` - scripts: fixes for ``gen_syscalls`` and ``gen_app_partitions``
+* :github:`53983` - init: correct early init time calls to ``k_current_get()`` when TLS is enabled
+* :github:`54140` - net: fix BUS FAULT when running nmap towards echo_async sample
+* :github:`54325` - coredump: support out-of-tree coredump backend definition
+* :github:`54386` - kernel: correct SMP scheduling with more than 2 CPUs
+* :github:`54527` - tests: kernel: remove faulty test from tests/kernel/poll
+* :github:`55019` - bluetooth: initialize backport of #54905 failed
+* :github:`55068` - net: ipv6: validate arguments in ``net_if_ipv6_set_reachable_time()``
+* :github:`55069` - net: core: ``net pkt`` shell command missing input validation
+* :github:`55323` - logging: fix userspace runtime filtering
+* :github:`55490` - cxx: fix compile error in C++ project for bad flags ``-Wno-pointer-sign`` and ``-Werror=implicit-int``
+* :github:`56071` - security: MbedTLS: update to v2.28.3
+* :github:`56729` - posix: SCHED_RR valid thread priorities
+* :github:`57210` - drivers: pcie: endpoint: pcie_ep_iproc: correct use of optional devicetree binding
+* :github:`57419` - tests: dma: support 64-bit addressing in tests
+* :github:`57710` - posix: support building eventfd on arm-clang
+
+mbedTLS
+*******
+
+Moving mbedTLS to 2.28.x series (2.28.3 precisely). This is a LTS release
+that will be supported with bug fixes and security fixes until the end of 2024.
+
+Detailed information can be found in:
+https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3
+https://github.com/zephyrproject-rtos/zephyr/issues/56071
+
+This version is incompatible with TF-M and because of this TF-M is no longer
+supported in Zephyr LTS. If TF-M is required it can be manually added back
+changing the mbedTLS revision on ``west.yaml`` to the previous one
+(5765cb7f75a9973ae9232d438e361a9d7bbc49e7). This should be carefully assessed
+by a security expert to ensure that the know vulnerabilities in that version
+don't affect the product.
+
+Vulnerabilities addressed in this update:
+
+* MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
+  builds that couldn't compile the GCC-style assembly implementation
+  (most notably builds with Visual Studio), leaving them vulnerable to
+  timing side-channel attacks. There is now an intrinsics-based AES-NI
+  implementation as a fallback for when the assembly one cannot be used.
+
+* Fix potential heap buffer overread and overwrite in DTLS if
+  MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
+  MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
+
+* An adversary with access to precise enough information about memory
+  accesses (typically, an untrusted operating system attacking a secure
+  enclave) could recover an RSA private key after observing the victim
+  performing a single private-key operation if the window size used for the
+  exponentiation was 3 or smaller. Found and reported by Zili KOU,
+  Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks
+  and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation
+  and Test in Europe 2023.
+
+* Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
+  module before freeing them. These buffers contain secret key material, and
+  could thus potentially leak the key through freed heap.
+
+* Fix a potential heap buffer overread in TLS 1.2 server-side when
+  MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
+  mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
+  is selected. This may result in an application crash or potentially an
+  information leak.
+
+* Fix a buffer overread in DTLS ClientHello parsing in servers with
+  MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
+  or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
+  after the end of the SSL input buffer. The buffer overread only happens
+  when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
+  the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
+  and possibly up to 571 bytes with a custom cookie check function.
+  Reported by the Cybeats PSI Team.
+
+* Zeroize several intermediate variables used to calculate the expected
+  value when verifying a MAC or AEAD tag. This hardens the library in
+  case the value leaks through a memory disclosure vulnerability. For
+  example, a memory disclosure vulnerability could have allowed a
+  man-in-the-middle to inject fake ciphertext into a DTLS connection.
+
+* In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
+  from the output buffer. This fixes a potential policy bypass or decryption
+  oracle vulnerability if the output buffer is in memory that is shared with
+  an untrusted application.
+
+* Fix a double-free that happened after mbedtls_ssl_set_session() or
+  mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
+  (out of memory). After that, calling mbedtls_ssl_session_free()
+  and mbedtls_ssl_free() would cause an internal session buffer to
+  be free()'d twice.
+
+* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
+  private keys and of blinding values for DHM and elliptic curves (ECP)
+  computations.
+
+* Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
+  An adversary who is capable of very precise timing measurements could
+  learn partial information about the leading bits of the nonce used for the
+  signature, allowing the recovery of the private key after observing a
+  large number of signature operations. This completes a partial fix in
+  Mbed TLS 2.20.0.
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2023-0397: `Zephyr project bug tracker GHSA-wc2h-h868-q7hj
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wc2h-h868-q7hj>`_
+
+* CVE-2023-0779: `Zephyr project bug tracker GHSA-9xj8-6989-r549
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-9xj8-6989-r549>`_
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+.. _zephyr_2.7.4:
+
+Zephyr 2.7.4
+####################
+
+This is an LTS maintenance release with fixes.
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 2.7.3 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`25417` - net: socket: socketpair: check for ISR context
+* :github:`41012` - irq_enable() doesn’t support enabling NVIC IRQ number more than 127
+* :github:`44070` - west spdx TypeError: 'NoneType' object is not iterable
+* :github:`46072` - subsys/hawkBit: Debug log error in hawkbit example "CONFIG_LOG_STRDUP_MAX_STRING"
+* :github:`48056` - Possible null pointer dereference after k_mutex_lock times out
+* :github:`49102` - hawkbit - dns name randomly not resolved
+* :github:`49139` - can't run west or DT tests on windows / py 3.6
+* :github:`49564` - Newer versions of pylink are not supported in latest zephyr 2.7 release
+* :github:`49569` - Backport cmake string cache fix to v2.7 branch
+* :github:`50221` - tests: debug: test case subsys/debug/coredump failed on acrn_ehl_crb on branch v2.7
+* :github:`50467` - Possible memory corruption on ARC when userspace is enabled
+* :github:`50468` - Incorrect Z_THREAD_STACK_BUFFER in arch_start_cpu for Xtensa
+* :github:`50961` - drivers: counter: Update counter_set_channel_alarm documentation
+* :github:`51714` - Bluetooth: Application with buffer that cannot unref it in disconnect handler leads to advertising issues
+* :github:`51776` - POSIX API is not portable across arches
+* :github:`52247` - mgmt: mcumgr: image upload, then image erase, then image upload does not restart upload from start
+* :github:`52517` - lib: posix: sleep() does not return the number of seconds left if interrupted
+* :github:`52518` - lib: posix: usleep() does not follow the POSIX spec
+* :github:`52542` - lib: posix: make sleep() and usleep() standards-compliant
+* :github:`52591` - mcumgr user data size out of sync with net buffer user data size
+* :github:`52829` - kernel/sched: Fix SMP race on pend
+* :github:`53088` - Unable to chage initialization priority of logging subsys
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2022-2741: `Zephyr project bug tracker GHSA-hx5v-j59q-c3j8
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx5v-j59q-c3j8>`_
+
+* CVE-2022-1841: `Zephyr project bug tracker GHSA-5c3j-p8cr-2pgh
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5c3j-p8cr-2pgh>`_
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+.. _zephyr_2.7.3:
+
+Zephyr 2.7.3
+####################
+
+This is an LTS maintenance release with fixes.
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 2.7.2 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`39882` - Bluetooth Host qualification on 2.7 branch
+* :github:`41074` - can_mcan_send sends corrupted CAN frames with a byte-by-byte memcpy implementation
+* :github:`43479` - Bluetooth: Controller: Fix per adv scheduling issue
+* :github:`43694` - drivers: spi: stm32 spi with dma must enable cs after periph
+* :github:`44089` - logging: shell backend: null-deref when logs are dropped
+* :github:`45341` - Add new EHL SKUs for IBECC
+* :github:`45529` - GdbStub get_mem_region bugfix
+* :github:`46621` - drivers: i2c: Infinite recursion in driver unregister function
+* :github:`46698` - sm351 driver faults when using global thread
+* :github:`46706` - add missing checks for segment number
+* :github:`46757` - Bluetooth: Controller: Missing validation of unsupported PHY when performing PHY update
+* :github:`46807` - lib: posix: semaphore: use consistent timebase in sem_timedwait
+* :github:`46822` - L2CAP disconnected packet timing in ecred reconf function
+* :github:`46994` - Incorrect Xtensa toolchain path resolution
+* :github:`47356` - cpp: global static object initialisation may fail for MMU and MPU platforms
+* :github:`47609` - posix: pthread: descriptor leak with pthread_join
+* :github:`47955` - drivers: can: various RTR fixes
+* :github:`48249` - boards: nucleo_wb55rg: documentation BLE binary compatibility issue
+* :github:`48271` - net: Possible net_pkt leak in ipv6 multicast forwarding
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2022-2741: Under embargo until 2022-10-14
+
+* CVE-2022-1042: `Zephyr project bug tracker GHSA-j7v7-w73r-mm5x
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x>`_
+
+* CVE-2022-1041: `Zephyr project bug tracker GHSA-p449-9hv9-pj38
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38>`_
+
+* CVE-2021-3966: `Zephyr project bug tracker GHSA-hfxq-3w6x-fv2m
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfxq-3w6x-fv2m>`_
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+.. _zephyr_2.7.2:
+
+Zephyr 2.7.2
+####################
+
+This is an LTS maintenance release with fixes.
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 2.7.1 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`23419` - posix: clock: No thread safety clock_getime / clock_settime
+* :github:`30367` - TCP2 does not send our MSS to peer
+* :github:`37389` - nucleo_g0b1re: Swapping image in mcuboot results in hard fault and softbricks the device
+* :github:`38268` - Multiple defects in "Multi Producer Single Consumer Packet Buffer" library
+* :github:`38576` - net shell: self-connecting to TCP might lead to a crash
+* :github:`39184` - HawkBit hash mismatch
+* :github:`39242` - net: sockets: Zephyr Fatal in dns_resolve_cb if dns request was attempted in offline state
+* :github:`39399` - linker: Missing align __itcm_load_start / __dtcm_data_load_start linker symbols
+* :github:`39608` - stm32: lpuart: 9600 baudrate doesn't work
+* :github:`39609` - spi: slave: division by zero in timeout calculation
+* :github:`39660` - poll() not notified when a TLS/TCP connection is closed without TLS close_notify
+* :github:`39687` - sensor: qdec_nrfx: PM callback has incorrect signature
+* :github:`39774` - modem: uart mux reading optimization never used
+* :github:`39882` - Bluetooth Host qualification on 2.7 branch
+* :github:`40163` - Use correct clock frequency for systick+DWT
+* :github:`40464` - Dereferencing NULL with getsockname() on TI Simplelink Platform
+* :github:`40578` - MODBUS RS-485 transceiver support broken on several platforms due to DE race condition
+* :github:`40614` - poll: the code judgment condition is always true
+* :github:`40640` - drivers: usb_dc_native_posix: segfault when using composite USB device
+* :github:`40730` - More power supply modes on STM32H7XX
+* :github:`40775` - stm32: multi-threading broken after #40173
+* :github:`40795` - Timer signal thread execution loop break SMP on ARM64
+* :github:`40925` - mesh_badge not working reel_board_v2
+* :github:`40985` - net: icmpv6: Add support for Route Info option in Router Advertisement
+* :github:`41026` - LoRa: sx126x: DIO1 interrupt left enabled in sleep mode
+* :github:`41077` - console: gsm_mux: could not send more than 128 bytes of data on dlci
+* :github:`41089` - power modes for STM32H7
+* :github:`41095` - libc: newlib: 'gettimeofday' causes stack overflow on non-POSIX builds
+* :github:`41237` - drivers: ieee802154_dw1000: use dedicated workqueue
+* :github:`41240` - logging can get messed up when messages are dropped
+* :github:`41284` - pthread_cond_wait return value incorrect
+* :github:`41339` - stm32, Unable to read UART while checking from Framing error.
+* :github:`41488` - Stall logging on nrf52840
+* :github:`41499` - drivers: iwdg: stm32: WDT_OPT_PAUSE_HALTED_BY_DBG might not work
+* :github:`41503` - including net/socket.h fails with redefinition of struct zsock_timeval (sometimes :-) )
+* :github:`41529` - documentation: generate Doxygen tag file
+* :github:`41536` - Backport STM32 SMPS Support to v2.7.0
+* :github:`41582` - stm32h7: CSI as PLL source is broken
+* :github:`41683` - http_client: Unreliable rsp->body_start pointer
+* :github:`41915` - regression: Build fails after switching logging to V2
+* :github:`41942` - k_delayable_work being used as k_work in work's handler
+* :github:`41952` - Log timestamp overflows when using LOGv2
+* :github:`42164` - tests/bluetooth/tester broken after switch to logging v2
+* :github:`42271` - drivers: can: m_can: The can_set_bitrate() function doesn't work.
+* :github:`42299` - spi: nRF HAL driver asserts when PM is used
+* :github:`42373` - add k_spin_lock() to doxygen prior to v3.0 release
+* :github:`42581` - include: drivers: clock_control: stm32 incorrect DT_PROP is used for xtpre
+* :github:`42615` - Bluetooth: Controller: Missing ticks slot offset calculation in Periodic Advertising event scheduling
+* :github:`42622` - pm: pm_device structure bigger than nessecary when PM_DEVICE_RUNTIME not set
+* :github:`42631` - Unable to identify owner of net_mgmt_lock easily
+* :github:`42825` - MQTT client disconnection (EAGAIN) on publish with big payload
+* :github:`42862` - Bluetooth: L2CAP: Security check on l2cap request is wrong
+* :github:`43117` - Not possible to create more than one shield.
+* :github:`43130` - STM32WL ADC idles / doesn't work
+* :github:`43176` - net/icmpv4: client possible to ddos itself when there's an error for the broadcasted packet
+* :github:`43177` - net: shell: errno not cleared before calling the strtol
+* :github:`43178` - net: ip: route: log_strdup misuse
+* :github:`43179` - net: tcp: forever loop in tcp_resend_data
+* :github:`43180` - net: tcp: possible deadlock in tcp_conn_unref()
+* :github:`43181` - net: sockets: net_pkt leak in accept
+* :github:`43182` - net: arp: ARP retransmission source address selection
+* :github:`43183` - net: mqtt: setsockopt leak on failure
+* :github:`43184` - arm: Wrong macro used for z_interrupt_stacks declaration in stack.h
+* :github:`43185` - arm: cortex-m: uninitialised ptr_esf in get_esf() in fault.c
+* :github:`43470` - wifi: esp_at: race condition on mutex's leading to deadlock
+* :github:`43490` - net: sockets: userspace accept() crashes with NULL addr/addrlen pointer
+* :github:`43548` - gen_relocate_app truncates files on incremental builds
+* :github:`43572` - stm32: wrong clock the LSI freq for stm32l0x mcus
+* :github:`43580` - hl7800: tcp stack freezes on slow response from modem
+* :github:`43807` - Test "cpp.libcxx.newlib.exception" failed on platforms which use zephyr.bin to run tests.
+* :github:`43839` - Bluetooth: controller: missing NULL assign to df_cfg in ll_adv_set
+* :github:`43853` - X86 MSI messages always get to BSP core (need a fix to be backported)
+* :github:`43858` - mcumgr seems to lock up when it receives command for group that does not exist
+* :github:`44107` - The SMP nsim boards are started incorrectly when launching on real HW
+* :github:`44310` - net: gptp: type mismatch calculation error in gptp_mi
+* :github:`44336` - nucleo_wb55rg: stm32cubeprogrammer runner is missing for twister tests
+* :github:`44337` - twister: Miss sn option to stm32cubeprogrgammer runner
+* :github:`44352` - stm32l5x boards missing the openocd runner
+* :github:`44497` - Add guide for disabling MSD on JLink OB devices and link to from smp_svr page
+* :github:`44531` - bl654_usb without mcuboot maximum image size is not limited
+* :github:`44886` - Unable to boot Zephyr on FVP_BaseR_AEMv8R
+* :github:`44902` - x86: FPU registers are not initialised for userspace (eager FPU sharing)
+* :github:`45869` - doc: update requirements
+* :github:`45870` - drivers: virt_ivshmem: Allow multiple instances of ivShMem devices
+* :github:`45871` - ci: split Bluetooth workflow
+* :github:`45872` - ci: make git credentials non-persistent
+* :github:`45873` - soc: esp32: use PYTHON_EXECUTABLE from build system
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2021-3966: `Zephyr project bug tracker GHSA-hfxq-3w6x-fv2m
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfxq-3w6x-fv2m>`_
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+
+.. _zephyr_2.7.1:
+
+Zephyr 2.7.1
+####################
+
+This is an LTS maintenance release with fixes.
+
 Issues Fixed
 ************
 
@@ -55,6 +472,19 @@ release:
 * :github:`40844` - gen_app_partitions scans object files unrelated to current image
 * :github:`41237` - drivers: ieee802154_dw1000: use dedicated workqueue
 
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2021-3966: `Zephyr project bug tracker GHSA-hfxq-3w6x-fv2m
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfxq-3w6x-fv2m>`_
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+
 .. _zephyr_2.7.0:
 
 Zephyr 2.7.0

doc/zephyr.doxyfile.in

@@ -2064,7 +2064,7 @@ TAGFILES               =
 # tag file that is based on the input files it reads. See section "Linking to
 # external documentation" for more information about the usage of tag files.
 
-GENERATE_TAGFILE       =
+GENERATE_TAGFILE       = @DOXY_OUT@/html/zephyr.tag
 
 # If the ALLEXTERNALS tag is set to YES, all external class will be listed in
 # the class index. If set to NO, only the inherited external classes will be

drivers/adc/adc_stm32.c

@@ -319,6 +319,49 @@ static void adc_stm32_calib(const struct device *dev)
 }
 #endif
 
+/*
+ * Enable ADC peripheral, and wait until ready if required by SOC.
+ */
+static int adc_stm32_enable(ADC_TypeDef *adc)
+{
+#if defined(CONFIG_SOC_SERIES_STM32L4X) || \
+	defined(CONFIG_SOC_SERIES_STM32L5X) || \
+	defined(CONFIG_SOC_SERIES_STM32WBX) || \
+	defined(CONFIG_SOC_SERIES_STM32G0X) || \
+	defined(CONFIG_SOC_SERIES_STM32G4X) || \
+	defined(CONFIG_SOC_SERIES_STM32WLX)
+
+	if (LL_ADC_IsEnabled(adc) == 1UL) {
+		return 0;
+	}
+
+	LL_ADC_ClearFlag_ADRDY(adc);
+	LL_ADC_Enable(adc);
+
+	/*
+	 * Enabling ADC modules in L4, WB, G0 and G4 series may fail if they are
+	 * still not stabilized, this will wait for a short time to ensure ADC
+	 * modules are properly enabled.
+	 */
+	uint32_t count_timeout = 0;
+
+	while (LL_ADC_IsActiveFlag_ADRDY(adc) == 0) {
+		if (LL_ADC_IsEnabled(adc) == 0UL) {
+			LL_ADC_Enable(adc);
+			count_timeout++;
+			if (count_timeout == 10) {
+				return -ETIMEDOUT;
+			}
+		}
+	}
+#else
+	LL_ADC_Enable(adc);
+#endif
+
+	return 0;
+}
+
+
 static int start_read(const struct device *dev,
 		      const struct adc_sequence *sequence)
 {
@@ -409,9 +452,10 @@ static int start_read(const struct device *dev,
 		return err;
 	}
 
-#if defined(CONFIG_SOC_SERIES_STM32G0X)
+#if defined(CONFIG_SOC_SERIES_STM32G0X) || \
+	defined(CONFIG_SOC_SERIES_STM32WLX)
 	/*
-	 * Errata: Writing ADC_CFGR1 register while ADEN bit is set
+	 * Writing ADC_CFGR1 register while ADEN bit is set
 	 * resets RES[1:0] bitfield. We need to disable and enable adc.
 	 */
 	if (LL_ADC_IsEnabled(adc) == 1UL) {
@@ -420,15 +464,14 @@ static int start_read(const struct device *dev,
 	while (LL_ADC_IsEnabled(adc) == 1UL) {
 	}
 	LL_ADC_SetResolution(adc, resolution);
-	LL_ADC_Enable(adc);
-	while (LL_ADC_IsActiveFlag_ADRDY(adc) != 1UL) {
-	}
+	adc_stm32_enable(adc);
 #elif !defined(CONFIG_SOC_SERIES_STM32F1X) && \
 	!defined(STM32F3X_ADC_V2_5)
 	LL_ADC_SetResolution(adc, resolution);
 #endif
 
-#ifdef CONFIG_SOC_SERIES_STM32L0X
+#if defined(CONFIG_SOC_SERIES_STM32L0X) || \
+	defined(CONFIG_SOC_SERIES_STM32WLX)
 	/*
 	 * setting OVS bits is conditioned to ADC state: ADC must be disabled
 	 * or enabled without conversion on going : disable it, it will stop
@@ -524,11 +567,11 @@ static int start_read(const struct device *dev,
 		break;
 	default:
 		LOG_ERR("Invalid oversampling");
-		LL_ADC_Enable(adc);
+		adc_stm32_enable(adc);
 		return -EINVAL;
 	}
 	/* re-enable ADC after changing the OVS */
-	LL_ADC_Enable(adc);
+	adc_stm32_enable(adc);
 #else
 	if (sequence->oversampling) {
 		LOG_ERR("Oversampling not supported");
@@ -543,7 +586,14 @@ static int start_read(const struct device *dev,
 	!defined(CONFIG_SOC_SERIES_STM32F1X) && \
 	!defined(STM32F3X_ADC_V2_5) && \
 	!defined(CONFIG_SOC_SERIES_STM32L1X)
+
+		/* we cannot calibrate the ADC while the ADC is enabled */
+		LL_ADC_Disable(adc);
+		while (LL_ADC_IsEnabled(adc) == 1UL) {
+		}
 		adc_stm32_calib(dev);
+		/* re-enable ADC after calibration */
+		adc_stm32_enable(adc);
 #else
 		LOG_ERR("Calibration not supported");
 		return -ENOTSUP;
@@ -564,7 +614,7 @@ static int start_read(const struct device *dev,
 #elif defined(CONFIG_SOC_SERIES_STM32F1X)
 	LL_ADC_EnableIT_EOS(adc);
 #elif defined(STM32F3X_ADC_V2_5)
-	LL_ADC_Enable(adc);
+	adc_stm32_enable(adc);
 	LL_ADC_EnableIT_EOS(adc);
 #else
 	LL_ADC_EnableIT_EOCS(adc);
@@ -904,32 +954,10 @@ static int adc_stm32_init(const struct device *dev)
 	}
 #endif
 
-	LL_ADC_Enable(adc);
-
-#if defined(CONFIG_SOC_SERIES_STM32L4X) || \
-	defined(CONFIG_SOC_SERIES_STM32L5X) || \
-	defined(CONFIG_SOC_SERIES_STM32WBX) || \
-	defined(CONFIG_SOC_SERIES_STM32G0X) || \
-	defined(CONFIG_SOC_SERIES_STM32G4X) || \
-	defined(CONFIG_SOC_SERIES_STM32H7X) || \
-	defined(CONFIG_SOC_SERIES_STM32WLX)
-	/*
-	 * Enabling ADC modules in L4, WB, G0 and G4 series may fail if they are
-	 * still not stabilized, this will wait for a short time to ensure ADC
-	 * modules are properly enabled.
-	 */
-	uint32_t countTimeout = 0;
-
-	while (LL_ADC_IsActiveFlag_ADRDY(adc) == 0) {
-		if (LL_ADC_IsEnabled(adc) == 0UL) {
-			LL_ADC_Enable(adc);
-			countTimeout++;
-			if (countTimeout == 10) {
-				return -ETIMEDOUT;
-			}
-		}
+	err = adc_stm32_enable(adc);
+	if (err < 0) {
+		return err;
 	}
-#endif
 
 	config->irq_cfg_func();
 

drivers/can/can_loopback.c

@@ -11,6 +11,9 @@
 #include "can_loopback.h"
 
 #include <logging/log.h>
+
+#include "can_utils.h"
+
 LOG_MODULE_DECLARE(can_driver, CONFIG_CAN_LOG_LEVEL);
 
 K_KERNEL_STACK_DEFINE(tx_thread_stack,
@@ -41,13 +44,6 @@ static void dispatch_frame(const struct zcan_frame *frame,
 	filter->rx_cb(&frame_tmp, filter->cb_arg);
 }
 
-static inline int check_filter_match(const struct zcan_frame *frame,
-				     const struct zcan_filter *filter)
-{
-	return ((filter->id & filter->id_mask) ==
-		(frame->id & filter->id_mask));
-}
-
 void tx_thread(void *data_arg, void *arg2, void *arg3)
 {
 	ARG_UNUSED(arg2);
@@ -63,7 +59,7 @@ void tx_thread(void *data_arg, void *arg2, void *arg3)
 		for (int i = 0; i < CONFIG_CAN_MAX_FILTER; i++) {
 			filter = &data->filters[i];
 			if (filter->rx_cb &&
-			    check_filter_match(&frame.frame, &filter->filter)) {
+			    can_utils_filter_match(&frame.frame, &filter->filter) != 0) {
 				dispatch_frame(&frame.frame, filter);
 			}
 		}
@@ -175,6 +171,11 @@ void can_loopback_detach(const struct device *dev, int filter_id)
 {
 	struct can_loopback_data *data = DEV_DATA(dev);
 
+	if (filter_id < 0 || filter_id >= ARRAY_SIZE(data->filters)) {
+		LOG_ERR("filter ID %d out of bounds", filter_id);
+		return;
+	}
+
 	LOG_DBG("Detach filter ID: %d", filter_id);
 	k_mutex_lock(&data->mtx, K_FOREVER);
 	data->filters[filter_id].rx_cb = NULL;

drivers/can/can_mcan.c

@@ -23,6 +23,34 @@ LOG_MODULE_DECLARE(can_driver, CONFIG_CAN_LOG_LEVEL);
 #define MCAN_MAX_DLC CAN_MAX_DLC
 #endif
 
+static void memcpy32_volatile(volatile void *dst_, const volatile void *src_,
+			      size_t len)
+{
+	volatile uint32_t *dst = dst_;
+	const volatile uint32_t *src = src_;
+
+	__ASSERT(len % 4 == 0, "len must be a multiple of 4!");
+	len /= sizeof(uint32_t);
+
+	while (len--) {
+		*dst = *src;
+		++dst;
+		++src;
+	}
+}
+
+static void memset32_volatile(volatile void *dst_, uint32_t val, size_t len)
+{
+	volatile uint32_t *dst = dst_;
+
+	__ASSERT(len % 4 == 0, "len must be a multiple of 4!");
+	len /= sizeof(uint32_t);
+
+	while (len--) {
+		*dst++ = val;
+	}
+}
+
 static int can_exit_sleep_mode(struct can_mcan_reg *can)
 {
 	uint32_t start_time;
@@ -149,6 +177,9 @@ int can_mcan_set_timing(const struct can_mcan_config *cfg,
 		return -EIO;
 	}
 
+	/* Configuration Change Enable */
+	can->cccr |= CAN_MCAN_CCCR_CCE;
+
 	can_mcan_configure_timing(can, timing, timing_data);
 
 	ret = can_leave_init_mode(can, K_MSEC(CAN_INIT_TIMEOUT));
@@ -373,7 +404,8 @@ int can_mcan_init(const struct device *dev, const struct can_mcan_config *cfg,
 #ifdef CONFIG_CAN_STM32FD
 	can->ils = CAN_MCAN_ILS_RXFIFO0 | CAN_MCAN_ILS_RXFIFO1;
 #else
-	can->ils = CAN_MCAN_ILS_RF0N | CAN_MCAN_ILS_RF1N;
+	can->ils = CAN_MCAN_ILS_RF0N | CAN_MCAN_ILS_RF1N |
+		CAN_MCAN_ILS_RF0L | CAN_MCAN_ILS_RF1L;
 #endif
 	can->ile = CAN_MCAN_ILE_EINT0 | CAN_MCAN_ILE_EINT1;
 	/* Interrupt on every TX fifo element*/
@@ -386,12 +418,7 @@ int can_mcan_init(const struct device *dev, const struct can_mcan_config *cfg,
 	}
 
 	/* No memset because only aligned ptr are allowed */
-	for (uint32_t *ptr = (uint32_t *)msg_ram;
-	     ptr < (uint32_t *)msg_ram +
-		   sizeof(struct can_mcan_msg_sram) / sizeof(uint32_t);
-	     ptr++) {
-		*ptr = 0;
-	}
+	memset32_volatile(msg_ram, 0, sizeof(struct can_mcan_msg_sram));
 
 	return 0;
 }
@@ -483,15 +510,17 @@ static void can_mcan_get_message(struct can_mcan_data *data,
 	uint32_t get_idx, filt_idx;
 	struct zcan_frame frame;
 	can_rx_callback_t cb;
-	volatile uint32_t *src, *dst, *end;
 	int data_length;
 	void *cb_arg;
 	struct can_mcan_rx_fifo_hdr hdr;
+	bool rtr_filter_mask;
+	bool rtr_filter;
 
 	while ((*fifo_status_reg & CAN_MCAN_RXF0S_F0FL)) {
 		get_idx = (*fifo_status_reg & CAN_MCAN_RXF0S_F0GI) >>
 			   CAN_MCAN_RXF0S_F0GI_POS;
-		hdr = fifo[get_idx].hdr;
+		memcpy32_volatile(&hdr, &fifo[get_idx].hdr,
+				  sizeof(struct can_mcan_rx_fifo_hdr));
 
 		if (hdr.xtd) {
 			frame.id = hdr.ext_id;
@@ -511,24 +540,25 @@ static void can_mcan_get_message(struct can_mcan_data *data,
 
 		filt_idx = hdr.fidx;
 
-		/* Check if RTR must match */
-		if ((hdr.xtd && data->ext_filt_rtr_mask & (1U << filt_idx) &&
-		     ((data->ext_filt_rtr >> filt_idx) & 1U) != frame.rtr) ||
-		    (data->std_filt_rtr_mask &  (1U << filt_idx) &&
-		     ((data->std_filt_rtr >> filt_idx) & 1U) != frame.rtr)) {
+		if (hdr.xtd != 0) {
+			rtr_filter_mask = (data->ext_filt_rtr_mask & BIT(filt_idx)) != 0;
+			rtr_filter = (data->ext_filt_rtr & BIT(filt_idx)) != 0;
+		} else {
+			rtr_filter_mask = (data->std_filt_rtr_mask & BIT(filt_idx)) != 0;
+			rtr_filter = (data->std_filt_rtr & BIT(filt_idx)) != 0;
+		}
+
+		if (rtr_filter_mask && (rtr_filter != frame.rtr)) {
+			/* RTR bit does not match filter RTR mask and bit, drop frame */
+			*fifo_ack_reg = get_idx;
 			continue;
 		}
 
 		data_length = can_dlc_to_bytes(frame.dlc);
 		if (data_length <= sizeof(frame.data)) {
 			/* data needs to be written in 32 bit blocks!*/
-			for (src = fifo[get_idx].data_32,
-			     dst = frame.data_32,
-			     end = dst + CAN_DIV_CEIL(data_length, sizeof(uint32_t));
-			     dst < end;
-			     src++, dst++) {
-				*dst = *src;
-			}
+			memcpy32_volatile(frame.data_32, fifo[get_idx].data_32,
+					  ROUND_UP(data_length, sizeof(uint32_t)));
 
 			if (frame.id_type == CAN_STANDARD_IDENTIFIER) {
 				LOG_DBG("Frame on filter %d, ID: 0x%x",
@@ -644,8 +674,6 @@ int can_mcan_send(const struct can_mcan_config *cfg,
 	uint32_t put_idx;
 	int ret;
 	struct can_mcan_mm mm;
-	volatile uint32_t *dst, *end;
-	const uint32_t *src;
 
 	LOG_DBG("Sending %d bytes. Id: 0x%x, ID type: %s %s %s %s",
 		data_length, frame->id,
@@ -693,15 +721,9 @@ int can_mcan_send(const struct can_mcan_config *cfg,
 		tx_hdr.ext_id = frame->id;
 	}
 
-	msg_ram->tx_buffer[put_idx].hdr = tx_hdr;
-
-	for (src = frame->data_32,
-		dst = msg_ram->tx_buffer[put_idx].data_32,
-		end = dst + CAN_DIV_CEIL(data_length, sizeof(uint32_t));
-		dst < end;
-		src++, dst++) {
-		*dst = *src;
-	}
+	memcpy32_volatile(&msg_ram->tx_buffer[put_idx].hdr, &tx_hdr, sizeof(tx_hdr));
+	memcpy32_volatile(msg_ram->tx_buffer[put_idx].data_32, frame->data_32,
+			  ROUND_UP(data_length, 4));
 
 	data->tx_fin_cb[put_idx] = callback;
 	data->tx_fin_cb_arg[put_idx] = callback_arg;
@@ -758,7 +780,8 @@ int can_mcan_attach_std(struct can_mcan_data *data,
 	filter_element.sfce = filter_nr & 0x01 ? CAN_MCAN_FCE_FIFO1 :
 						 CAN_MCAN_FCE_FIFO0;
 
-	msg_ram->std_filt[filter_nr] = filter_element;
+	memcpy32_volatile(&msg_ram->std_filt[filter_nr], &filter_element,
+			 sizeof(struct can_mcan_std_filter));
 
 	k_mutex_unlock(&data->inst_mutex);
 
@@ -817,7 +840,8 @@ static int can_mcan_attach_ext(struct can_mcan_data *data,
 	filter_element.efce = filter_nr & 0x01 ? CAN_MCAN_FCE_FIFO1 :
 						 CAN_MCAN_FCE_FIFO0;
 
-	msg_ram->ext_filt[filter_nr] = filter_element;
+	memcpy32_volatile(&msg_ram->ext_filt[filter_nr], &filter_element,
+			  sizeof(struct can_mcan_ext_filter));
 
 	k_mutex_unlock(&data->inst_mutex);
 
@@ -871,21 +895,25 @@ int can_mcan_attach_isr(struct can_mcan_data *data,
 void can_mcan_detach(struct can_mcan_data *data,
 		     struct can_mcan_msg_sram *msg_ram, int filter_nr)
 {
-	const struct can_mcan_ext_filter ext_filter = {0};
-	const struct can_mcan_std_filter std_filter = {0};
+	if (filter_nr < 0) {
+		LOG_ERR("filter ID %d out of bounds", filter_nr);
+		return;
+	}
 
 	k_mutex_lock(&data->inst_mutex, K_FOREVER);
 	if (filter_nr >= NUM_STD_FILTER_DATA) {
 		filter_nr -= NUM_STD_FILTER_DATA;
 		if (filter_nr >= NUM_STD_FILTER_DATA) {
-			LOG_ERR("Wrong filter id");
+			LOG_ERR("filter ID %d out of bounds", filter_nr);
 			return;
 		}
 
-		msg_ram->ext_filt[filter_nr] = ext_filter;
+		memset32_volatile(&msg_ram->ext_filt[filter_nr], 0,
+				  sizeof(struct can_mcan_ext_filter));
 		data->rx_cb_ext[filter_nr] = NULL;
 	} else {
-		msg_ram->std_filt[filter_nr] = std_filter;
+		memset32_volatile(&msg_ram->std_filt[filter_nr], 0,
+				  sizeof(struct can_mcan_std_filter));
 		data->rx_cb_std[filter_nr] = NULL;
 	}
 

drivers/can/can_mcan.h

@@ -48,7 +48,7 @@ struct can_mcan_rx_fifo_hdr {
 	volatile uint32_t res  :  2; /* Reserved */
 	volatile uint32_t fidx :  7; /* Filter Index */
 	volatile uint32_t anmf :  1; /* Accepted non-matching frame */
-} __packed;
+} __packed __aligned(4);
 
 struct can_mcan_rx_fifo {
 	struct can_mcan_rx_fifo_hdr hdr;
@@ -56,7 +56,7 @@ struct can_mcan_rx_fifo {
 		volatile uint8_t  data[64];
 		volatile uint32_t data_32[16];
 	};
-} __packed;
+} __packed __aligned(4);
 
 struct can_mcan_mm {
 	volatile uint8_t idx : 5;
@@ -84,7 +84,7 @@ struct can_mcan_tx_buffer_hdr {
 	volatile uint8_t res2 :  1; /* Reserved */
 	volatile uint8_t efc  :  1; /* Event FIFO control (Store Tx events) */
 	struct can_mcan_mm mm; /* Message marker */
-} __packed;
+} __packed __aligned(4);
 
 struct can_mcan_tx_buffer {
 	struct can_mcan_tx_buffer_hdr hdr;
@@ -92,7 +92,7 @@ struct can_mcan_tx_buffer {
 		volatile uint8_t  data[64];
 		volatile uint32_t data_32[16];
 	};
-} __packed;
+} __packed __aligned(4);
 
 #define CAN_MCAN_TE_TX    0x1 /* TX event */
 #define CAN_MCAN_TE_TXC   0x2 /* TX event in spite of cancellation */
@@ -109,7 +109,7 @@ struct can_mcan_tx_event_fifo {
 	volatile uint8_t fdf   :  1; /* FD Format */
 	volatile uint8_t et    :  2; /* Event type */
 	struct can_mcan_mm mm; /* Message marker */
-} __packed;
+} __packed __aligned(4);
 
 #define CAN_MCAN_FCE_DISABLE    0x0
 #define CAN_MCAN_FCE_FIFO0      0x1
@@ -130,7 +130,7 @@ struct can_mcan_std_filter {
 	volatile uint32_t id1  : 11;
 	volatile uint32_t sfce :  3; /* Filter config */
 	volatile uint32_t sft  :  2; /* Filter type */
-} __packed;
+} __packed __aligned(4);
 
 #define CAN_MCAN_EFT_RANGE_XIDAM 0x0
 #define CAN_MCAN_EFT_DUAL        0x1
@@ -143,7 +143,7 @@ struct can_mcan_ext_filter {
 	volatile uint32_t id2  : 29; /* ID2 for dual or range, mask otherwise */
 	volatile uint32_t res  :  1;
 	volatile uint32_t eft   : 2; /* Filter type */
-} __packed;
+} __packed __aligned(4);
 
 struct can_mcan_msg_sram {
 	volatile struct can_mcan_std_filter std_filt[NUM_STD_FILTER_ELEMENTS];
@@ -153,7 +153,7 @@ struct can_mcan_msg_sram {
 	volatile struct can_mcan_rx_fifo rx_buffer[NUM_RX_BUF_ELEMENTS];
 	volatile struct can_mcan_tx_event_fifo tx_event_fifo[NUM_TX_BUF_ELEMENTS];
 	volatile struct can_mcan_tx_buffer tx_buffer[NUM_TX_BUF_ELEMENTS];
-} __packed;
+} __packed __aligned(4);
 
 struct can_mcan_data {
 	struct k_mutex inst_mutex;

drivers/can/can_mcp2515.c

@@ -551,6 +551,11 @@ static void mcp2515_detach(const struct device *dev, int filter_nr)
 {
 	struct mcp2515_data *dev_data = DEV_DATA(dev);
 
+	if (filter_nr < 0 || filter_nr >= CONFIG_CAN_MAX_FILTER) {
+		LOG_ERR("filter ID %d out of bounds", filter_nr);
+		return;
+	}
+
 	k_mutex_lock(&dev_data->mutex, K_FOREVER);
 	dev_data->filter_usage &= ~BIT(filter_nr);
 	k_mutex_unlock(&dev_data->mutex);

drivers/can/can_mcux_flexcan.c

@@ -253,13 +253,11 @@ static void mcux_flexcan_copy_zfilter_to_mbconfig(const struct zcan_filter *src,
 	if (src->id_type == CAN_STANDARD_IDENTIFIER) {
 		dest->format = kFLEXCAN_FrameFormatStandard;
 		dest->id = FLEXCAN_ID_STD(src->id);
-		*mask = FLEXCAN_RX_MB_STD_MASK(src->id_mask,
-					       src->rtr & src->rtr_mask, 1);
+		*mask = FLEXCAN_RX_MB_STD_MASK(src->id_mask, src->rtr_mask, 1);
 	} else {
 		dest->format = kFLEXCAN_FrameFormatExtend;
 		dest->id = FLEXCAN_ID_EXT(src->id);
-		*mask = FLEXCAN_RX_MB_EXT_MASK(src->id_mask,
-					       src->rtr & src->rtr_mask, 1);
+		*mask = FLEXCAN_RX_MB_EXT_MASK(src->id_mask, src->rtr_mask, 1);
 	}
 
 	if ((src->rtr & src->rtr_mask) == CAN_DATAFRAME) {
@@ -482,9 +480,8 @@ static void mcux_flexcan_detach(const struct device *dev, int filter_id)
 	const struct mcux_flexcan_config *config = dev->config;
 	struct mcux_flexcan_data *data = dev->data;
 
-	if (filter_id >= MCUX_FLEXCAN_MAX_RX) {
-		LOG_ERR("Detach: Filter id >= MAX_RX (%d >= %d)", filter_id,
-			MCUX_FLEXCAN_MAX_RX);
+	if (filter_id < 0 || filter_id >= MCUX_FLEXCAN_MAX_RX) {
+		LOG_ERR("filter ID %d out of bounds", filter_id);
 		return;
 	}
 
@@ -646,6 +643,7 @@ static inline void mcux_flexcan_transfer_rx_idle(const struct device *dev,
 static FLEXCAN_CALLBACK(mcux_flexcan_transfer_callback)
 {
 	struct mcux_flexcan_data *data = (struct mcux_flexcan_data *)userData;
+	const struct mcux_flexcan_config *config = data->dev->config;
 
 	switch (status) {
 	case kStatus_FLEXCAN_UnHandled:
@@ -654,6 +652,7 @@ static FLEXCAN_CALLBACK(mcux_flexcan_transfer_callback)
 		mcux_flexcan_transfer_error_status(data->dev, (uint64_t)result);
 		break;
 	case kStatus_FLEXCAN_TxSwitchToRx:
+		FLEXCAN_TransferAbortReceive(config->base, &data->handle, (uint64_t)result);
 		__fallthrough;
 	case kStatus_FLEXCAN_TxIdle:
 		/* The result field is a MB value which is limited to 32bit value */

drivers/can/can_rcar.c

@@ -829,7 +829,8 @@ void can_rcar_detach(const struct device *dev, int filter_nr)
 {
 	struct can_rcar_data *data = DEV_CAN_DATA(dev);
 
-	if (filter_nr >= CONFIG_CAN_RCAR_MAX_FILTER) {
+	if (filter_nr < 0 || filter_nr >= CONFIG_CAN_RCAR_MAX_FILTER) {
+		LOG_ERR("filter ID %d out of bounds", filter_nr);
 		return;
 	}